diff --git a/.gitignore b/.gitignore index 992c1daf4..939f3a58a 100644 --- a/.gitignore +++ b/.gitignore @@ -72,12 +72,16 @@ test/*.js /packages/xstate-persistence/plugin.schema.json /packages/credential-store/plugin.schema.json /packages/pd-manager/plugin.schema.json +/packages/event-logger/plugin.schema.json +/packages/credential-validation/plugin.schema.json +/packages/oidf-client/plugin.schema.json **/.env.energyshr **/.env.local /packages/web3-provider-headless/__tests__/config.json -/packages/event-logger/plugin.schema.json + /packages/public-key-hosting/__tests__/database/test.sqlite +/__tests__/database/test.sqlite .nx/cache .nx/workspace-data diff --git a/packages/data-store/src/__tests__/contact.store.test.ts b/packages/data-store/src/__tests__/contact.store.test.ts index 3d82417b7..46cb5514f 100644 --- a/packages/data-store/src/__tests__/contact.store.test.ts +++ b/packages/data-store/src/__tests__/contact.store.test.ts @@ -1,6 +1,14 @@ import { DataSources } from '@sphereon/ssi-sdk.agent-config' import { DataSource } from 'typeorm' -import { DataStoreContactEntities, DataStoreMigrations, IdentityOrigin, MetadataItem, MetadataTypes, PartyOrigin } from '../index' +import { + ConnectionType, + DataStoreContactEntities, + DataStoreMigrations, + IdentityOrigin, + MetadataItem, + MetadataTypes, + PartyOrigin +} from '../index' import { ContactStore } from '../contact/ContactStore' import { CorrelationIdentifierType, @@ -367,6 +375,27 @@ describe('Contact store tests', (): void => { correlationId: 'example_did3', }, }, + { + alias: 'test_alias4', + origin: IdentityOrigin.EXTERNAL, + roles: [CredentialRole.FEDERATION_TRUST_ANCHOR], + connection: { + type: ConnectionType.OPENID_CONNECT, + config: { + clientId: '138d7bf8-c930-4c6e-b928-97d3a4928b01', + clientSecret: '03b3955f-d020-4f2a-8a27-4e452d4e27a0', + scopes: ['auth'], + issuer: 'https://example.com/app-test', + redirectUrl: 'app:/callback', + dangerouslyAllowInsecureHttpRequests: true, + clientAuthMethod: 'post', + }, + }, + identifier: { + type: CorrelationIdentifierType.URL, + correlationId: 'example_url4', + }, + }, ], electronicAddresses: [ { @@ -391,7 +420,7 @@ describe('Contact store tests', (): void => { } const result: Array = await contactStore.getParties(args) - expect(result[0].identities.length).toEqual(3) + expect(result[0].identities.length).toEqual(4) expect(result[0].electronicAddresses.length).toEqual(1) }) @@ -1208,6 +1237,27 @@ describe('Contact store tests', (): void => { correlationId: 'example_did3', }, }, + { + alias: 'test_alias4', + origin: IdentityOrigin.EXTERNAL, + roles: [CredentialRole.FEDERATION_TRUST_ANCHOR], + connection: { + type: ConnectionType.OPENID_CONNECT, + config: { + clientId: '138d7bf8-c930-4c6e-b928-97d3a4928b01', + clientSecret: '03b3955f-d020-4f2a-8a27-4e452d4e27a0', + scopes: ['auth'], + issuer: 'https://example.com/app-test', + redirectUrl: 'app:/callback', + dangerouslyAllowInsecureHttpRequests: true, + clientAuthMethod: 'post', + }, + }, + identifier: { + type: CorrelationIdentifierType.URL, + correlationId: 'example_url4', + }, + }, ], } @@ -1215,8 +1265,13 @@ describe('Contact store tests', (): void => { const result: Party = await contactStore.getParty({ partyId: savedParty.id }) expect(result.roles).toBeDefined() - expect(result.roles.length).toEqual(3) - expect(result.roles).toEqual([CredentialRole.VERIFIER, CredentialRole.ISSUER, CredentialRole.HOLDER]) + expect(result.roles.length).toEqual(4) + expect(result.roles).toEqual([ + CredentialRole.VERIFIER, + CredentialRole.ISSUER, + CredentialRole.HOLDER, + CredentialRole.FEDERATION_TRUST_ANCHOR + ]) }) it('should add relationship', async (): Promise => { diff --git a/packages/data-store/src/__tests__/digitalCredential.entities.test.ts b/packages/data-store/src/__tests__/digitalCredential.entities.test.ts index c10ee4839..3e856fdbf 100644 --- a/packages/data-store/src/__tests__/digitalCredential.entities.test.ts +++ b/packages/data-store/src/__tests__/digitalCredential.entities.test.ts @@ -3,16 +3,16 @@ import { DataSource } from 'typeorm' import { CredentialRole, DataStoreDigitalCredentialEntities } from '../index' import { DataStoreDigitalCredentialMigrations } from '../migrations' import { DigitalCredentialEntity } from '../entities/digitalCredential/DigitalCredentialEntity' +import { computeEntryHash } from '@veramo/utils' +import { nonPersistedDigitalCredentialEntityFromAddArgs } from '../utils/digitalCredential/MappingUtils' +import { createHash } from 'crypto' import { + AddCredentialArgs, CredentialCorrelationType, CredentialDocumentFormat, DocumentType, NonPersistedDigitalCredential, -} from '../types/digitalCredential/digitalCredential' -import { computeEntryHash } from '@veramo/utils' -import { AddCredentialArgs } from '../types/digitalCredential/IAbstractDigitalCredentialStore' -import { nonPersistedDigitalCredentialEntityFromAddArgs } from '../utils/digitalCredential/MappingUtils' -import { createHash } from 'crypto' +} from '../types' describe('Database entities tests', (): void => { let dbConnection: DataSource diff --git a/packages/data-store/src/__tests__/digitalCredential.store.test.ts b/packages/data-store/src/__tests__/digitalCredential.store.test.ts index 34e34b433..50bf32d5d 100644 --- a/packages/data-store/src/__tests__/digitalCredential.store.test.ts +++ b/packages/data-store/src/__tests__/digitalCredential.store.test.ts @@ -13,7 +13,7 @@ import { DocumentType, DigitalCredential, GetCredentialsArgs, - GetCredentialsResponse, + GetCredentialsResponse } from '../types' describe('Database entities tests', (): void => { diff --git a/packages/data-store/src/__tests__/eventLogger.entities.test.ts b/packages/data-store/src/__tests__/eventLogger.entities.test.ts index b08040ede..825dfb113 100644 --- a/packages/data-store/src/__tests__/eventLogger.entities.test.ts +++ b/packages/data-store/src/__tests__/eventLogger.entities.test.ts @@ -4,12 +4,9 @@ import { ActionType, InitiatorType, LoggingEventType, LogLevel, SubSystem, Syste import { DataSource } from 'typeorm' import { DataStoreEventLoggerEntities } from '../index' import { DataStoreEventLoggerMigrations } from '../migrations' -import { - activityEventEntityFrom, - auditEventEntityFrom, - AuditEventEntity -} from '../entities/eventLogger/AuditEventEntity' +import { AuditEventEntity } from '../entities/eventLogger/AuditEventEntity' import { NonPersistedAuditLoggingEvent, NonPersistedActivityLoggingEvent } from '../types' +import { activityEventEntityFrom, auditEventEntityFrom } from '../utils/eventLogger/MappingUtils' describe('Database entities tests', (): void => { let dbConnection: DataSource @@ -80,7 +77,7 @@ describe('Database entities tests', (): void => { }) it('should save activity event to database', async (): Promise => { - const auditEvent: NonPersistedActivityLoggingEvent = { + const activityEvent: NonPersistedActivityLoggingEvent = { timestamp: new Date(), level: LogLevel.DEBUG, originalCredential: 'test_credential_string', @@ -104,28 +101,31 @@ describe('Database entities tests', (): void => { diagnosticData: { data: 'test_data_string' }, } - const activityEventEntity: AuditEventEntity = activityEventEntityFrom(auditEvent) + const activityEventEntity: AuditEventEntity = activityEventEntityFrom(activityEvent) const fromDb: AuditEventEntity = await dbConnection.getRepository(AuditEventEntity).save(activityEventEntity) expect(fromDb).toBeDefined() expect(fromDb?.id).not.toBeNull() expect(fromDb?.type).toEqual(LoggingEventType.ACTIVITY) - expect(fromDb?.timestamp).toEqual(auditEvent.timestamp) - expect(fromDb?.level).toEqual(auditEvent.level) - expect(fromDb?.correlationId).toEqual(auditEvent.correlationId) - expect(fromDb?.system).toEqual(auditEvent.system) - expect(fromDb?.subSystemType).toEqual(auditEvent.subSystemType) - expect(fromDb?.actionType).toEqual(auditEvent.actionType) - expect(fromDb?.actionSubType).toEqual(auditEvent.actionSubType) - expect(fromDb?.initiatorType).toEqual(auditEvent.initiatorType) - expect(fromDb?.systemCorrelationIdType).toEqual(auditEvent.systemCorrelationIdType) - expect(fromDb?.systemCorrelationId).toEqual(auditEvent.systemCorrelationId) - expect(fromDb?.systemAlias).toEqual(auditEvent.systemAlias) - expect(fromDb?.partyCorrelationType).toEqual(auditEvent.partyCorrelationType) - expect(fromDb?.partyCorrelationId).toEqual(auditEvent.partyCorrelationId) - expect(fromDb?.partyAlias).toEqual(auditEvent.partyAlias) - expect(fromDb?.description).toEqual(auditEvent.description) - expect(fromDb?.data).toEqual(JSON.stringify(auditEvent.data)) - expect(fromDb?.diagnosticData).toEqual(JSON.stringify(auditEvent.diagnosticData)) + expect(fromDb?.timestamp).toEqual(activityEvent.timestamp) + expect(fromDb?.level).toEqual(activityEvent.level) + expect(fromDb?.correlationId).toEqual(activityEvent.correlationId) + expect(fromDb?.system).toEqual(activityEvent.system) + expect(fromDb?.subSystemType).toEqual(activityEvent.subSystemType) + expect(fromDb?.actionType).toEqual(activityEvent.actionType) + expect(fromDb?.actionSubType).toEqual(activityEvent.actionSubType) + expect(fromDb?.initiatorType).toEqual(activityEvent.initiatorType) + expect(fromDb?.systemCorrelationIdType).toEqual(activityEvent.systemCorrelationIdType) + expect(fromDb?.systemCorrelationId).toEqual(activityEvent.systemCorrelationId) + expect(fromDb?.systemAlias).toEqual(activityEvent.systemAlias) + expect(fromDb?.partyCorrelationType).toEqual(activityEvent.partyCorrelationType) + expect(fromDb?.partyCorrelationId).toEqual(activityEvent.partyCorrelationId) + expect(fromDb?.partyAlias).toEqual(activityEvent.partyAlias) + expect(fromDb?.description).toEqual(activityEvent.description) + expect(fromDb?.data).toEqual(JSON.stringify(activityEvent.data)) + expect(fromDb?.diagnosticData).toEqual(JSON.stringify(activityEvent.diagnosticData)) + expect(fromDb?.credentialHash).toEqual(activityEvent.credentialHash) + expect(fromDb?.parentCredentialHash).toEqual(activityEvent.parentCredentialHash) + expect(fromDb?.credentialType).toEqual(activityEvent.credentialType) }) }) diff --git a/packages/data-store/src/__tests__/issuanceBranding.entities.test.ts b/packages/data-store/src/__tests__/issuanceBranding.entities.test.ts index c4d07ec39..264268f8a 100644 --- a/packages/data-store/src/__tests__/issuanceBranding.entities.test.ts +++ b/packages/data-store/src/__tests__/issuanceBranding.entities.test.ts @@ -468,6 +468,10 @@ describe('Database entities tests', (): void => { localeBranding: [ { alias: 'issuerAlias', + clientUri: 'test_uri', + tosUri: 'test_uri', + policyUri: 'test_uri', + contacts: ['test_email_address1', 'test_email_address2'], locale: 'en-US', logo: { uri: 'data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/4huQSUNDX1BST0ZJTEUAAQEAABuAYXBwbAIQAABtbnRyUkdCIFhZWiAH4wADAA4ACwAKAAJhY3NwQVBQTAAAAABBUFBMAAAAAAAAAAAAAAAAAAAAAAAA9tYAAQAAAADTLWFwcGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFkZXNjAAABUAAAAGJkc2NtAAABtAAABIRjcHJ0AAAGOAAAACN3dHB0AAAGXAAAABRyWFlaAAAGcAAAABRnWFlaAAAGhAAAABRiWFlaAAAGmAAAABRyVFJDAAAGrAAACAxhYXJnAAAOuAAAACB2Y2d0AAAO2AAABhJuZGluAAAU7AAABj5jaGFkAAAbLAAAACxtbW9kAAAbWAAAAChiVFJDAAAGrAAACAxnVFJDAAAGrAAACAxhYWJnAAAOuAAAACBhYWdnAAAOuAAAACBkZXNjAAAAAAAAAAhEaXNwbGF5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbWx1YwAAAAAAAAAmAAAADGhySFIAAAAUAAAB2GtvS1IAAAAMAAAB7G5iTk8AAAASAAAB+GlkAAAAAAASAAACCmh1SFUAAAAUAAACHGNzQ1oAAAAWAAACMGRhREsAAAAcAAACRm5sTkwAAAAWAAACYmZpRkkAAAAQAAACeGl0SVQAAAAUAAACiGVzRVMAAAASAAACnHJvUk8AAAASAAACnGZyQ0EAAAAWAAACrmFyAAAAAAAUAAACxHVrVUEAAAAcAAAC2GhlSUwAAAAWAAAC9HpoVFcAAAAMAAADCnZpVk4AAAAOAAADFnNrU0sAAAAWAAADJHpoQ04AAAAMAAADCnJ1UlUAAAAkAAADOmVuR0IAAAAUAAADXmZyRlIAAAAWAAADcm1zAAAAAAASAAADiGhpSU4AAAASAAADmnRoVEgAAAAMAAADrGNhRVMAAAAYAAADuGVuQVUAAAAUAAADXmVzWEwAAAASAAACnGRlREUAAAAQAAAD0GVuVVMAAAASAAAD4HB0QlIAAAAYAAAD8nBsUEwAAAASAAAECmVsR1IAAAAiAAAEHHN2U0UAAAAQAAAEPnRyVFIAAAAUAAAETnB0UFQAAAAWAAAEYmphSlAAAAAMAAAEeABMAEMARAAgAHUAIABiAG8AagBpzuy37AAgAEwAQwBEAEYAYQByAGcAZQAtAEwAQwBEAEwAQwBEACAAVwBhAHIAbgBhAFMAegDtAG4AZQBzACAATABDAEQAQgBhAHIAZQB2AG4A/QAgAEwAQwBEAEwAQwBEAC0AZgBhAHIAdgBlAHMAawDmAHIAbQBLAGwAZQB1AHIAZQBuAC0ATABDAEQAVgDkAHIAaQAtAEwAQwBEAEwAQwBEACAAYwBvAGwAbwByAGkATABDAEQAIABjAG8AbABvAHIAQQBDAEwAIABjAG8AdQBsAGUAdQByIA8ATABDAEQAIAZFBkQGSAZGBikEGgQ+BDsETAQ+BEAEPgQyBDgEOQAgAEwAQwBEIA8ATABDAEQAIAXmBdEF4gXVBeAF2V9pgnIAIABMAEMARABMAEMARAAgAE0A4AB1AEYAYQByAGUAYgBuAP0AIABMAEMARAQmBDIENQRCBD0EPgQ5ACAEFgQaAC0ENAQ4BEEEPwQ7BDUEOQBDAG8AbABvAHUAcgAgAEwAQwBEAEwAQwBEACAAYwBvAHUAbABlAHUAcgBXAGEAcgBuAGEAIABMAEMARAkwCQIJFwlACSgAIABMAEMARABMAEMARAAgDioONQBMAEMARAAgAGUAbgAgAGMAbwBsAG8AcgBGAGEAcgBiAC0ATABDAEQAQwBvAGwAbwByACAATABDAEQATABDAEQAIABDAG8AbABvAHIAaQBkAG8ASwBvAGwAbwByACAATABDAEQDiAOzA8cDwQPJA7wDtwAgA78DuAPMA70DtwAgAEwAQwBEAEYA5AByAGcALQBMAEMARABSAGUAbgBrAGwAaQAgAEwAQwBEAEwAQwBEACAAYQAgAEMAbwByAGUAczCrMOkw/ABMAEMARHRleHQAAAAAQ29weXJpZ2h0IEFwcGxlIEluYy4sIDIwMTkAAFhZWiAAAAAAAADzUgABAAAAARbPWFlaIAAAAAAAAGXoAAA8EAAACdBYWVogAAAAAAAAapMAAKrFAAAXilhZWiAAAAAAAAAmWwAAGSwAALHSY3VydgAAAAAAAAQAAAAABQAKAA8AFAAZAB4AIwAoAC0AMgA2ADsAQABFAEoATwBUAFkAXgBjAGgAbQByAHcAfACBAIYAiwCQAJUAmgCfAKMAqACtALIAtwC8AMEAxgDLANAA1QDbAOAA5QDrAPAA9gD7AQEBBwENARMBGQEfASUBKwEyATgBPgFFAUwBUgFZAWABZwFuAXUBfAGDAYsBkgGaAaEBqQGxAbkBwQHJAdEB2QHhAekB8gH6AgMCDAIUAh0CJgIvAjgCQQJLAlQCXQJnAnECegKEAo4CmAKiAqwCtgLBAssC1QLgAusC9QMAAwsDFgMhAy0DOANDA08DWgNmA3IDfgOKA5YDogOuA7oDxwPTA+AD7AP5BAYEEwQgBC0EOwRIBFUEYwRxBH4EjASaBKgEtgTEBNME4QTwBP4FDQUcBSsFOgVJBVgFZwV3BYYFlgWmBbUFxQXVBeUF9gYGBhYGJwY3BkgGWQZqBnsGjAadBq8GwAbRBuMG9QcHBxkHKwc9B08HYQd0B4YHmQesB78H0gflB/gICwgfCDIIRghaCG4IggiWCKoIvgjSCOcI+wkQCSUJOglPCWQJeQmPCaQJugnPCeUJ+woRCicKPQpUCmoKgQqYCq4KxQrcCvMLCwsiCzkLUQtpC4ALmAuwC8gL4Qv5DBIMKgxDDFwMdQyODKcMwAzZDPMNDQ0mDUANWg10DY4NqQ3DDd4N+A4TDi4OSQ5kDn8Omw62DtIO7g8JDyUPQQ9eD3oPlg+zD88P7BAJECYQQxBhEH4QmxC5ENcQ9RETETERTxFtEYwRqhHJEegSBxImEkUSZBKEEqMSwxLjEwMTIxNDE2MTgxOkE8UT5RQGFCcUSRRqFIsUrRTOFPAVEhU0FVYVeBWbFb0V4BYDFiYWSRZsFo8WshbWFvoXHRdBF2UXiReuF9IX9xgbGEAYZRiKGK8Y1Rj6GSAZRRlrGZEZtxndGgQaKhpRGncanhrFGuwbFBs7G2MbihuyG9ocAhwqHFIcexyjHMwc9R0eHUcdcB2ZHcMd7B4WHkAeah6UHr4e6R8THz4faR+UH78f6iAVIEEgbCCYIMQg8CEcIUghdSGhIc4h+yInIlUigiKvIt0jCiM4I2YjlCPCI/AkHyRNJHwkqyTaJQklOCVoJZclxyX3JicmVyaHJrcm6CcYJ0kneierJ9woDSg/KHEooijUKQYpOClrKZ0p0CoCKjUqaCqbKs8rAis2K2krnSvRLAUsOSxuLKIs1y0MLUEtdi2rLeEuFi5MLoIuty7uLyQvWi+RL8cv/jA1MGwwpDDbMRIxSjGCMbox8jIqMmMymzLUMw0zRjN/M7gz8TQrNGU0njTYNRM1TTWHNcI1/TY3NnI2rjbpNyQ3YDecN9c4FDhQOIw4yDkFOUI5fzm8Ofk6Njp0OrI67zstO2s7qjvoPCc8ZTykPOM9Ij1hPaE94D4gPmA+oD7gPyE/YT+iP+JAI0BkQKZA50EpQWpBrEHuQjBCckK1QvdDOkN9Q8BEA0RHRIpEzkUSRVVFmkXeRiJGZ0arRvBHNUd7R8BIBUhLSJFI10kdSWNJqUnwSjdKfUrESwxLU0uaS+JMKkxyTLpNAk1KTZNN3E4lTm5Ot08AT0lPk0/dUCdQcVC7UQZRUFGbUeZSMVJ8UsdTE1NfU6pT9lRCVI9U21UoVXVVwlYPVlxWqVb3V0RXklfgWC9YfVjLWRpZaVm4WgdaVlqmWvVbRVuVW+VcNVyGXNZdJ114XcleGl5sXr1fD19hX7NgBWBXYKpg/GFPYaJh9WJJYpxi8GNDY5dj62RAZJRk6WU9ZZJl52Y9ZpJm6Gc9Z5Nn6Wg/aJZo7GlDaZpp8WpIap9q92tPa6dr/2xXbK9tCG1gbbluEm5rbsRvHm94b9FwK3CGcOBxOnGVcfByS3KmcwFzXXO4dBR0cHTMdSh1hXXhdj52m3b4d1Z3s3gReG54zHkqeYl553pGeqV7BHtje8J8IXyBfOF9QX2hfgF+Yn7CfyN/hH/lgEeAqIEKgWuBzYIwgpKC9INXg7qEHYSAhOOFR4Wrhg6GcobXhzuHn4gEiGmIzokziZmJ/opkisqLMIuWi/yMY4zKjTGNmI3/jmaOzo82j56QBpBukNaRP5GokhGSepLjk02TtpQglIqU9JVflcmWNJaflwqXdZfgmEyYuJkkmZCZ/JpomtWbQpuvnByciZz3nWSd0p5Anq6fHZ+Ln/qgaaDYoUehtqImopajBqN2o+akVqTHpTilqaYapoum/adup+CoUqjEqTepqaocqo+rAqt1q+msXKzQrUStuK4trqGvFq+LsACwdbDqsWCx1rJLssKzOLOutCW0nLUTtYq2AbZ5tvC3aLfguFm40blKucK6O7q1uy67p7whvJu9Fb2Pvgq+hL7/v3q/9cBwwOzBZ8Hjwl/C28NYw9TEUcTOxUvFyMZGxsPHQce/yD3IvMk6ybnKOMq3yzbLtsw1zLXNNc21zjbOts83z7jQOdC60TzRvtI/0sHTRNPG1EnUy9VO1dHWVdbY11zX4Nhk2OjZbNnx2nba+9uA3AXcit0Q3ZbeHN6i3ynfr+A24L3hROHM4lPi2+Nj4+vkc+T85YTmDeaW5x/nqegy6LzpRunQ6lvq5etw6/vshu0R7ZzuKO6070DvzPBY8OXxcvH/8ozzGfOn9DT0wvVQ9d72bfb794r4Gfio+Tj5x/pX+uf7d/wH/Jj9Kf26/kv+3P9t//9wYXJhAAAAAAADAAAAAmZmAADypwAADVkAABPQAAAKW3ZjZ3QAAAAAAAAAAAADAQAAAgAAAFYBRQJBAzgEGAUKBggHMAhZCYMKvwwGDWEOtxAKEWwSyhQ1FZwXABhrGc4bNhyQHesfQCCPIdEjCiQ5JVkmaydtKFwpQiodKvErxiyZLWsuPS8NL98wrzGAMlEzITPtNLk1hTZRNxw35TiuOXg6QTsKO9M8nD1kPiw+8j+3QHxBQkIMQt9DvkSqRZ1GkUd+SGFJP0oYSvFLzEyuTZ1OoU+8UONSBVMZVBpVEFYDVvxX+1kAWglbDlwNXQRd9V7iX9BgwGGzYqZjmWSKZXlmZ2dUaEJpNGoqayFsGW0PbgNu9G/icNBxu3Kkc450f3WGdrV4BHllesB8AH0mfjp/SYBbgXWCjoOVhHuFNIXjho+HUIgliQuKAIsCjBGNKI4+j06QV5FaklqTWJRWlVSWUZdOmEuZR5pCmz6cOZ0zni2fKqAwoUuig6PgpUmmrKfrqRGqJasxrDutRK5Nr1ewX7FosnCzd7R+tYK2hbeIuIu5j7qVu5y8pr20vsW/18DgwdbCr8NmxBjEyMWWxnfHZshdyVfKUctLzEfNSM5Uz3HQoNHZ0wvUL9VD1knXRdg42SXaDtr52+jc2N3B3qPfg+Bn4VXiTuNN5E/lT+ZK5znoF+jg6YrqNOrg66jseu1I7gjuqe9H7+Pwo/F48l7zT/RN9Wr2wviH+rf9RP//AAAAVgFFAjEDBAPpBOAF4wbwCAMJNgpoC5wM4A4qD3cQxhIZE3kU1BYyF4IY3Ro1G4Yc0B4aH1ggkSG8Itwj9ST2JeomzSejKHIpPioIKtQrnyxqLTUt/i7GL44wVzEfMecyrjN2ND01ATXFNoo3TzgTONY5mTpbOx073DycPVw+GT7XP5dAW0EmQftC1UOxRIxFZUY8RxFH5ki8SZVKdktlTGJNaE5vT21QYlFPUjtTKlQbVQ5WAlb2V+dY1lnDWq5bm1yKXXpeaV9YYERhL2IYYwFj6mTVZcRmtWemaJZphGpva1lsQG0nbg1u9G/hcN5x9HMhdF91mXbBd9h443nsevl8C30efih/IIAGgN+BtYKPg3KEXoVVhliHaYiDiZ2KrYu1jLaNtI6xj62QqZGlkqCTm5SVlY+WiZeCmHmZb5pnm2mcgJ2/nymgqKIno5Kk06X5pw6oGqkjqiqrMaw3rT6uRK9NsFmxbLKGs6O0vrXRtt636LjzugO7F7wrvTu+QL83wCHBAsHiwsfDtcSnxZvGkMeFyHrJcsp0y4nMvM4Wz33Q3dIa0z/UVNVm1oDXpdjP2fTbEtwt3UzecN+X4Lvh0uLe4+Lk6+YF5znogenR6xHsMO017ibvD+/48Obx1/LK87n0ofV/9lb3J/f2+Lz5evo7+wz8RP3p//8AAABWAS4B6wKdA14EKQUHBfEG6QfqCOIJ8QsKDCUNQQ5aD4EQrBHREv8UJRVFFmoXhRifGbQaxRvIHMYdux6hH3ggQiD6IaQiSyLrI4gkJyTCJV4l+SaUJzAnyihnKQcppypIKucrhiwoLMUtYy4ALp0vPC/YMHUxEjGvMkwy6DODNB40uDVSNew2hTcfN7c4UDjoOX86FjqrO0E70jxjPO49ez4HPps/ND/WQHpBHkG4Qk9C2UNoQ/9EokVQRglGw0d8SDRI6kmiSlxLGEvWTJVNU04PTslPg1A7UPRRr1JrUydT5FShVV1WGVbUV49YSFj/WbVabFskW91cll1OXfZelF8lX7RgQWDaYXhiImLYY5lkaGVHZjdnOWhJaWFqbWthbD9tEG3cbqVvbXA1cPxxw3KKc1B0FXTbdZ92ZHcmd+Z4nnlFedx6bHsUe9N8u32+fsR/w4C5gamCloODhG+FW4ZFhyqIBYjUiZmKWoski/uM4I3NjrmPoJB+kVuSOpMak/mU1pWylpeXjZiSmaGas5vGnNid6p77oA2hIKIzo0ikXKVvpn6niaiMqYCqYas3rA6s8q3trvmwDLEesjKzULR7tbS2+Lg5uXC6mbuwvLi9u77Jv/XBR8K5xFPF9ceWyTPK1MyNzmDQSdJB1ELWbNkO3Ovizur19Pn//wAAbmRpbgAAAAAAAAY2AACTgQAAWIYAAFU/AACRxAAAJtUAABcKAABQDQAAVDkAAiZmAAIMzAABOuEAAwEAAAIAAAABAAMABgALABEAGAAfACcAMAA6AEQATwBaAGYAcwCBAI8AngCuAL4AzwDhAPQBBwEcATEBRwFfAXcBkQGsAcgB5gIGAigCTAJzAp0CywL/AzgDdgO5A/4ERwSTBOIFMwWIBd8GOgaZBvsHYQfKCDcIpwkbCZEKCwqJCwoLkAwaDKcNNA28Dj0Oug84D7sQSBDbEXQSEBKtE0QT0RRUFNEVTxXSFl8W+BeZGD0Y3hl9GhsauhteHAkcvB12HjQe8x+yIHIhNSH8IscjliRoJTwmDibgJ7MoiCliKkErJiwOLPst7i7kL9UwtTF7MjEy3jOINDU07zW4NpI3eThkOUw6MDsXPA49Lj6bQCtBjULJQ+9FCEYVRxlIHEkkSjRLTkxxTZhOxE/yUSNSV1OOVMdWBFdEWIZZzFsWXGJdql7kYAZhEWIGYvVj5WTcZepnD2hLaZVq52w8bZRu7nBKcapzDHRxddp3Rni4ei17pn0gfpuAFoGRgwqEgYX1h2qI64qLjG2OtZERkxqU7ZapmF+aFpvQnY2fR6D1oo+kFKWIpvaoa6nyq5CtRa8RsPGy5rTotuu457rjvPG/F8FDw17FYMdTyT/LL80pzzbRbtP41wTaCdyf3xPhvuUO6HzrQe2v7/vyNvRG9gr3jfjK+ej65fvZ/LT9kP5i/zD//wAAAAEAAwAHAAwAEgAZACEAKgAzAD0ASABUAGAAbQB7AIkAmQCpALkAywDdAPABBQEaATABRwFfAXkBlAGwAc4B7QIPAjMCWgKDArIC5QMfA18DpAPsBDYEhATVBSkFgQXcBjoGmwcAB2gH1QhFCLgJLwmqCikKrAs0C78MUAzjDXgOCQ6VDyEPsBBDENsRdxIWErcTVhPtFH0VChWYFi0WyhdvGBcYwBlpGhQawBtvHCQc3B2ZHlgfGB/ZIJ0hZCIwIwAj1CSrJYQmXCc0KA0o6inMKrMrnyyPLYMufC90MGMxQDIMMs4zijRLNRc18TbZN8c4tjmiOow7ejx2PYk+uD/3QTNCZEOLRKZFtka7R7tIvUnJSuFMAk0qTlZPhVC3UexTJFRfVZ1W3lgiWWpatlwHXVdeml/FYNFhwmKpY4hkaWVSZkhnWWiCacBrDWxibbxvGnB6cd1zQnSpdg93cHjLeiF7dnzQfjV/pIEbgpSECoV7huyIYYnii3qNMI8CkN2SsZR2ljSX8pmxm3WdOp76oKaiMqOdpOemJ6doqLCqF6ucrT2u7bCZsjmzzrVhtvu4orpRvAC9qb9MwPHCn8RixjrIIcoEy83Nds8G0IrSDNOi1V/XTdls26fd5+Af4lDkgea+6RfrkO4m8M3zlPaM+Un7Mvye/eT+8f//AAAAAQAEAAkAEAAYACEAKwA2AEMAUABeAG0AfQCPAKEAtADIAN4A9AEMASYBQAFdAXsBmwG9AeECCQIzAmEClQLQAxUDZQO9BBwEgATqBVkFzQZDBr0HPQfBCEwI3QlzCg8KsAtWDAMMtw1xDjEO+A/FEJkRdRJZE0kUShVRFkoXNxgpGTUaXxt5HHQdYh5UH04gTSFNIkwjTSRSJV8mcyeNKKopyCrpLA0tNy5mL5ow1jIaM2Q0rzX7N1A4zTqJPFk+BT+QQPxCS0ODRKZFt0a8R75Izkn7S0tMtk4uT6xRLlK2VENV1ldtWQparFxWXhFgC2JfZFtl5Gc7aItp5mtSbMxuTW/ScVty6HR7dh533nnGe8B9nX9VgPqCoYRWhh+H8Im9i4yNZo9HkRmSy5RmlfaXg5kRmqKcNp3Nn2ahAaKcpDil1ad1qRuqyKx/rkewL7JGtH+2oriPulm8F73Xv5vBWcMHxKXGNMe7yUXK18x4zi/QA9Hw0+jV0deR2Sfandv+3UXeit/L4Q/iVeOg5OnmMedr6KDpyOrq7AXtHO4w70TwV/Fh8mTzUPQi9PX1jfYc9qr3Ofea9/n4V/i2+Rb5cvm2+fv6QPqE+sn7DvtT+5f70PwI/ED8ePyx/On9If1Z/ZL9yv39/jH+ZP6X/sv+/v8x/2X/mP/M//8AAHNmMzIAAAAAAAEMQgAABd7///MmAAAHkgAA/ZH///ui///9owAAA9wAAMBsbW1vZAAAAAAAAAYQAACc8AAAAADLuPEEAAAAAAAAAAAAAAAAAAAAAP/bAEMAAwICAwICAwMDAwQDAwQFCAUFBAQFCgcHBggMCgwMCwoLCw0OEhANDhEOCwsQFhARExQVFRUMDxcYFhQYEhQVFP/bAEMBAwQEBQQFCQUFCRQNCw0UFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFP/CABEIAMgAyAMBEQACEQEDEQH/xAAcAAEBAQADAQEBAAAAAAAAAAAABwUEBggDAQL/xAAbAQEAAgMBAQAAAAAAAAAAAAAABQcBAgQDBv/aAAwDAQACEAMQAAAB9UgAAAAAAAAAAAAAAAAAAAAAAAAAAAxfGSwfCTAAAAA3feM2/aNAAAAAENhbN1/WO5e/gAAABxdfbD8JO7TdYgAAAACGwtm2GWr3R9OQAAADP06YzD2LdpusQAAAABDYWzbDLV7o+nIAAABn6dMZh7Fu03WIAAAAAhsLZthlq90fTkAAAAz9OmMw9i3abrEAAAAAQ2Fs2wy1e6PpyAdPOpZc87/hzwZ+nTGYexbtN1iAAAAAIbC2bYZavdH05PkeTtks2fU+RzT03osOGfp0xmHsW7TdYgAAAACGwtm2GWr3R9OSQZeVd3p7RZ8MI8w7rDqr2Gfp0xmHsW7TdYgAAAACGwtm2GWr3R9OSD7PN2z17opmA/D9Bn6dMZh7Fu03WIAAAAAhsLZthlq90fTk66eLN2bl3nCjYV3V2sGfp0xmHsW7TdYgAAAACGwtm2GWr3R9OQYxHNk2y6Bl/J6e0WjDP06YzD2LdpusQAAAABDYWzbDLV7o+nIABhHi/d+nuzRn6dMZh7Fu03WIAAAAAhsLZthlq90fTknOUpy9J6uSfA8R7vme59Gfp0xmHsW7TdYgAAAACGwtm2GWr3R9OTzfsg2zXw7gdWMLL05otmGfp0xmHsW7TdYgAAAADhadPL25/wCs4HRcpTlhmsVbCgYDP06YzD2LdpusQAAAAAAAAAAM/TpjMPYt2m6xAAAAAE74PrZ9wfV/rAAAHcOv5+qSfxGfp0xmHsW7TdYgAAAACGwtm2CWr3S9OQAAADP06YzD2LdpusQAAAABDYWzbDLV7o+nIAAABn6dMZh7Fu03WIAAAAAksX951LknfpnUAAAD5tu1dMHXZX4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/8QAKRAAAQEHBAMAAgMBAAAAAAAABQABAgMEBgc1FzAyMxATFiAxEUBQYP/aAAgBAQABBQL/AGCRmTEM+2Cr7YKvtgq+2Cr7YKvtgq+2Cr7YKvtgq+2Cr7YKhpqTL7t0emTt8KjSmnIhaciFpyIWnIhaciFpyIWnIhaciFpyIU3b4VBlbXcNy6PSNx2yRx9ruG5dHpG47ZI4+13Dcuj0jcdskcfa7huXR6RuO8kKuEjGv3PEOtlrjBZhsnPyxCH4I4+13Dcuj0jccosVyBCqquZkzFTsJ95n6UnOx5CNRlcsMtRHH2u4bl0ekbjlc0i9KBFRFGSkIe7DccYTp8eXh1LRM0GnaPoWGH8Ecfa7huXR6RuOV14TWyaoio5YkJ/Ejj7XcNy6PSNxyqANDOiyQyYEzbrzXWj63MDmD7rPIPVA435I4+13Dcuj0jcd4Jh5MxBI2qhvKfoAzIqLCfgPuPvQ36CrF8r4I4+13Dcuj0jcd+JUJJGYJsY0OVAzL0mZRHH2u4bl0ekbjlVdZS9PQ6XuHGl5uXmYU3BUePDloVSk3S5unJRs6cRHH2u4bl0ekbjlXFERmR0PLzot5lwjjHSR4gWX7VvaTfGuIjj7XcNyZkpecTrrHXfBmixZls5amOxumBf+ZW1M080HQ40I94I4+13D+uRx9ruG5V9Sxqdh6hlWrUIqtQiq1CKrUIqtQiq1CKrUIqqXqqdNT6I4+13Dcuj0jcdskcfa7huXR6RuO2SOPtdw3K/DzhaFDerKFD91Zr3VmvdWa91Zr3VmvdWa91Zr3VmvdWaiPVlFh2/Dzgl3/kf/xAA4EQAAAgUICQMDBAMAAAAAAAAAAQIDBAUGFjAycYGhscEREzM0UVNikdESVKIUIUEQMUByRFBg/9oACAEDAQE/Af8AcMbuangZkzIerQJNvXk3l5Em3ryby8iTb15N5eRJt68m8vIk29eTeXkSbevJvLyJNvXk3l5Em3ryby8iTb15N5eRJt68m8vIk29eTeXkNjuanfo+pQ9OmdgimvszC+K3irXJoF6dBGf4Er3l09hK95dPYSveXT2Er3l09hK95dPYSveXT2Er3l09hK95dPYSveXT2CiLHimtRQP0/cy/AjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynVLSuZ9OpTNHTwMGZmek5pl26FZYiNqSi3L+Qy7dCssRG1JRblOw+5lT3SWEtSMvTo/YSSd5f5B3CSbu9wdwkm7vcHcJJu73B3CSbu9wdwkm7vcHcJJu73B3CSbu9wdwfbjZHazktULfUenR+P0ZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYIpr7Mw17wsrPGaZduhWWIjakotynYUeDKwJLTaU/Tp0ZhNGF00jSSSLSf9hqoW4l8hqoW4l8hqoW4l8hqoW4l8hqoW4l8hqoW4l8hqoW4l8hqoW4l8hqoW4l8gijC6CRJEkX2/sIreDK3pKvpk/Vo05f8AJf/EACgRAAAEBQQDAAIDAAAAAAAAAAABAgMFERQxMgQQMFISIPAh0UBQYP/aAAgBAgEBPwH+4cdQ1mYrGOwrGOwrGOwrGOwrGOwrGOwrGOwrGOwrGOwrGOwrGOwbeQ7gfLErJCNCyaSMUDIoGRQMigZFAyKBkUDIoGRQMhWgZIjMQ2yuWJWSG8C4l4mIbZXLErJDeBcS8TENsrliVkhvAuJeJiG2VyxKyQ3gXrIS9F4mIbZXLErJDeBby9ZbLxMQ2yuWJWSG8C2Lae8xPZeJiG2VyxKyQ3gWxcC8TENsrliVkhvAvWQl6LxMQ2yuWJWSG8C9Jie5lsvExDbK5YlZIbwLiXiYhtlcsSskN4FtIS914mIbZXLErJDeBbEe8tz2XiYhtlcqkJXkXpMTExMT3XiYhtlfyF4mIbZXLqtQbBFIV7vUV73UV73UV73UV73UV73UV73UV73UabUreX4qLZeJiG2VyxKyQ3gXEvExDbK5YlZIbwLiXiYhtlcuuaW6SfAgVaRS/QnrvpCeu+kJ676QnrvpCeu+kJ676QnrvpCeu+kJ676QM9af4/Q0LS2vLzL/ACX/xABAEAABAQMHBgwEBQUBAAAAAAACAQADBAUQEXFzscESITByktETFDEyNDVBQkNRkZMiUmGhICRTYuEzQFBgY4H/2gAIAQEABj8C/wAwCxb5HKHzcy526aOyW5umjslubpo7Jbm6aOyW5umjslubpo7Jbm6aOyW5umjslubpo7Jbm6aOyW5umjsluY+KPkfZHOzLm0sn6x4M5eFw2UYIS/H9G8f3G8f3G8f3G8f3G8f3G8f3G8f3G8f3G8f3GfPB4bKEFJPjaUKwx0sn6x4NC2Q3aKJsiuaUKwx0sn6x4NC2Q3aKJsiuaUKwx0sn6x4NC2Q3aKJsiuaUKwx0sn6x4NC2Q3fgUX0YGWncd/Ev2bMMQX1yP5agnrxzaA2XDPwfj5gVM8TZFc0oVhjpZP1jwaFshumJ48JBAUpVV7GNxCmTiCTNQmZTrmpQCVPokyPYZ6Tl4neBWSDjaAjO6acjz+ZomyK5pQrDHSyfrHg0LZDdMDgFoWIPJWpJnMdFukfxD1MsRPOgJ2NQIoKeSIyjEwwF+9EoJP8A1nYQ4lFOHxUO1RM9PkrDFxlD2N5UTsd/zNE2RXNKFYY6WT9Y8GhbIbpoB53RMkX0mh4bhBCKcggK7XlWjtT8UTZFc0oVhjpZP1jwaFshumewh5lLOJfKXYxw8S7V28H71NSi0L5oyIMWr0E7r74mRI2CRf3uVwVqIaIThP0jzFPE2RXNKFYY6WT9Y8GhbIbp+Ci3AvR7KeVKlZSgYtXf7HyU/dlXi/GB83K0/ZlB4BOzTuklCshASiScio3EI0qYkUpB586b5omyK5pQrDHSyfrHg0LZDd+JXcU4F55F3kqVoiDVcrgyzF5p2NBPh5RejfNE2RXNKFYY6WT9Y8GhbIbpldhQ+jVTM7+X6qzwJUNXrh6VPCfpruYXrl4L12XIQrSkxPXpo7dilKkXY0XFB/TMvhqTM0C5RKaXoqtXLNE2RXNKFYY6WT9Y8GhbIbpnsowIk+A/ieuuUkXzSamEiXjjVXM1HGhr4NG/NxTx6Py05vSZZQiwyYh4lDsF5RSaJsiuaUKwx0qcO5dvqOTLGmhkREoRORJ1N454J8viusysvFY4DTyejQ3Ph9tdzfmI107T/mikyPBBYh+niPc9FSTxNkVzShWGP9xE2RXNKFYY6WGJy6B5wqqi5bdXu9km6uDZJurg2Sbq4Nkm6uDZJurg2Sbq4Nkm6uDZJicREILgEDKykRZomyK5pQrDHSyfrHg0LZDdoomyK5pQrDHSyfrHg0LZDdoomyK5pQrDHSwaQjhXygpZVHYwgLs0EUoTMDcw/QG5h+gNzD9AbmH6A3MP0BuYfoDcw/QG5h+gNzD9AYgIDUSShcwNGcbcK5y8nJp7eX/Uv//EACkQAAEDAwQBBQACAwAAAAAAAAEAUfARITEQMGFxQYGRobHBINFAUGD/2gAIAQEAAT8h/wBwf2JFRLM4G4UKFChQoUKFChQWYymwF2MjjdiGQG1pltTUy4IdLgh0uCHS4IdLgh0uCHS4IdLgh0uCHSB5ep5gEtvQRDJAt2oV29BEMkC3ahXb0EQyQLdqFdvQRDJAt1wj0WZEokewR9oOkp8np7iq4RKqNYV29BEMkC3Qwh2OAZKMQagvbJuNOXNFKIJUIoWKw/coCrB28T+rRCu3oIhkgW6EuWtaqR9aBHbAVVnkobFrAIpfOPQALq6Cl4ftcoKLzH1vy0hXb0EQyQLdB/FyuSFPo6H0Zn0BYHLakA0tjWFdvQRDJAt0IvScMyRswecA5eQgM4dwShC8EbCn3N/lAEMeaOHaBgrTU2P0OfTWFdvQRDJAt1ptLIKfKBH2GoPs/pAgiGev8LLSAoHoUdY9S6EHgqo3HrIsg8PnSFdvQRDJAt/lVbApRpy5AsevOFy9iEU0jBMaD8HSFdvQRDJAt0wluzaHCwM9V+j6+ELEVasaVDEkoAVTuwr8ioPwvY5MDV8DSFdvQRDJAt0KyAgck4OPCIIJBsQiMwORfdjBV2zlX+lZQq4OgfRZAEgAKk4ARA1JO7yTyfrSFdvQBRG4helVATDUBgDXyONduxgoreCkH7iqxLLoA58xBT5osF0r4vYGsK7/ACYIV29AaR3JtSmKHlAQEGB8j+1Tf9U3/VN/1Tf9U3/VN/1Tf9RvRxD3qBS/ekK7egiGSBbtQrt6CIZIFu1Cu3oDCsgMC4CmShLqCwgY2l11111111yC4CzgoMmyvQbLsH/kv//aAAwDAQACAAMAAAAQkkkkkkkkkkkkkkkkkkkkkkkkkkkkH/8A/wD/APEkkkkkgckkkkLkkkkkkAkkkkhckkkkkgEkkkkLkkkkkkAkkkkhckkkkkgEgWAkLkkkkkkAgwkmhckkkkkgEwQU0LkkkkkkAkAkkhckkkkkgEWAGkLkkkkkkAkQkihckkkkkgEkkW0LkkkkkkAkQk2hckkkkkgEkQw0LkkkkkknkEUEhckkkkkkkkkkkLkkkkkkm/8A/wD2FySSSSSCAAAAQuSSSSSQCSSSSFySSSSSX7bbbaeSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSf/8QAJhEAAQIFBQEAAgMAAAAAAAAAAQDwETBRYaEhMXGx8dEQQUBQYP/aAAgBAwEBPxD+4jCkMdQIRjDciivErxK8SvErxK8SvErxK8SvErxI4O8w1BjDfYms3C7ofOABYCQP2rreVdbyrreVdbyrreVdbyrreVdbyrreUTWAA2EwqsSbYXdH+qU3ULEm2F3R/qlN1CxJthd0f6pTdQsSbYXdH+qU3ULEm2F3R/qlN1CxJthd0f6pTdQsSbYXdH+qU3ULEm2F3R/qlN1CxJthd0f6pTdQsSbYXdH+qU3ULEm2F3R/qlN1CxJthd0f6pTdQsSbGy/cIgjCsCjo8SdSZTdQsT+RN1CxJtACoho1jHeINESoGJz8r2Plex8r2Plex8r2Plex8r2PlFKGGAktCCY6a/r8N1CxJthd0f6pTdQsSbYXdH+qU3ULEmwDADDEExgYtgaomQQk67zqV6y+svrL6y+svrL6y+svrKOMJAjXeNQiiCDHAEQjo3Ap/kv/xAAoEQABAgUDBAMAAwAAAAAAAAABAMEQETChsWGR0SBBcfAhMVFAUGD/2gAIAQIBAT8Q/uA4Mia9APC9APC9APC9APC9APC9APC9APC9APC9APC9APC9APCnfySq57IqJzIHdefdefdefdefdefdefdefdefdefdAJP4H6sV6ueysRilZl1ivVz2ViMUrMusV6ueysRilZl1ivVz2ViMdABKmU3RZl1ivVz2ViMREnRJGSFmXWK9XPZWIxAfmB7IAkITIzQsy6xXq57KxGOiRLqsy6xXq57KxGIAyQM4SQkERsy6xXq57KxGIgyQ/aARkfMLMusV6ueysRjqBkgZiaP1CzLrFernsrEYgJkfx0ASCP1CzLrFernsrEYh2ISmpEABAu0LMusV6siADL9CAAEhEEIZISRjZl1iv/Isy6xXqn0QZz+1N7ditDsVoditDsVoditDsVoditDsUWSYlPvCzLrFernsrEYpWZdYr1c9lYjFKzLrFeqMJkpohgBkE0imkU0imkU0imkU0imkU0igIkD8oOCROT/5L//EACgQAQABAwIFBQADAQAAAAAAAAERACFRMWEQQEFx8CAwgZHxUGCxwf/aAAgBAQABPxD+YYYCToDqoiTXPuNGjRo0aNGjRo0eWJWunRTMtMe8BtOksQSg0ktfgK/gK/gK/gK/gK/gK/gK/gK/gK2yhjSCSdMhXhMczA2CfhMczA2CfhMczA2CfhMcjA2FAqwGq1ZvbIFwgQe6U0Oein6GrIzIM91BR19L/MAMjs+gn4THIQNhRi3wEqOAGmkEVDHTXF0No1lrLS4W6Q+wpy49QhPiky3KPaYsmzJULFtAULkYbwWekacSfhMchA2DajRQrO2WLtPA6Wi7og7KQqzEwbiTiAQHYKCa6BuyID8xtV5x7KywBFlzQgtoagnkHdPg0HTPEn4THIQNhqSVCwpwQRiNlIB0oJi4zPSeCiQqkk0fQT8JjkIGwJkhxNw9mbOy0sdxA11tInRKT3MoRkS5RzwAPBgsfilvgRNG8zNLHNA8k1kegn4THIwNi5Hl8WQudmksjLDuxGnyqvOPhtMyipwowyG4CUGSD87RC40OK5a/oiXnol1GeBPwmOUgbE5qYNPQFw+sjT/xPiEwg6LI3mp+b8tSD8ofPEn4THIQNhKp1MG6KaGNTsXpdsyZOtAdhZuJvRh8Gw7J/nBFZjpmqrREgriEBR0kl80vpQA0GrsJxJ+ExyEDYX4dSlKC6+rq6LaAgohEhGlC5Lh3WfkKvp4if+9IJ6XFskEt4p2zgBKvQCreQPNGfS2RqdzxJ+Ex7tr5qXJiWBiYKDcImAEAHQDiqe9SOzE91J3ropD92YT9FIRL276ur/nIwlhq4geNkAJd4Xf0E/CY5mT8Jj3ZQs2ySyw1lrRN2kSEyewsWLFixYsL6jBpNJpovriT8Jj3oEmjUQYKgwVBgqDBUGCoMFQYKAOJPwmOZgbBPwmPdxVBwySYNYfqpCC/oQCXYPaQQQQQQQQQhCnMhIkmy0rkYWYsSaSa5/qX/9k=', @@ -507,6 +511,10 @@ describe('Database entities tests', (): void => { expect(fromDb?.localeBranding).toBeDefined() expect(fromDb?.localeBranding.length).toEqual(1) expect(fromDb?.localeBranding[0].alias).toEqual(issuerBranding.localeBranding[0].alias) + expect(fromDb?.localeBranding[0].clientUri).toEqual(issuerBranding.localeBranding[0].clientUri) + expect(fromDb?.localeBranding[0].tosUri).toEqual(issuerBranding.localeBranding[0].tosUri) + expect(fromDb?.localeBranding[0].policyUri).toEqual(issuerBranding.localeBranding[0].policyUri) + expect(fromDb?.localeBranding[0].contacts).toEqual(issuerBranding.localeBranding[0].contacts) expect(fromDb?.localeBranding[0].locale).toEqual(issuerBranding.localeBranding[0].locale) expect(fromDb?.localeBranding[0].description).toEqual(issuerBranding.localeBranding[0].description) expect(fromDb?.localeBranding[0].logo).toBeDefined() diff --git a/packages/data-store/src/entities/digitalCredential/DigitalCredentialEntity.ts b/packages/data-store/src/entities/digitalCredential/DigitalCredentialEntity.ts index 7632c2ae9..d99885832 100644 --- a/packages/data-store/src/entities/digitalCredential/DigitalCredentialEntity.ts +++ b/packages/data-store/src/entities/digitalCredential/DigitalCredentialEntity.ts @@ -1,3 +1,4 @@ +import { typeormDate, typeOrmDateTime } from '@sphereon/ssi-sdk.agent-config' import { BaseEntity, Column, CreateDateColumn, Entity, PrimaryGeneratedColumn, UpdateDateColumn } from 'typeorm' import { CredentialCorrelationType, @@ -8,7 +9,6 @@ import { DocumentType, RegulationType, } from '../../types' -import { typeormDate, typeOrmDateTime } from '@sphereon/ssi-sdk.agent-config' @Entity('DigitalCredential') export class DigitalCredentialEntity extends BaseEntity implements DigitalCredential { diff --git a/packages/data-store/src/entities/eventLogger/AuditEventEntity.ts b/packages/data-store/src/entities/eventLogger/AuditEventEntity.ts index 651d87894..108e1e764 100644 --- a/packages/data-store/src/entities/eventLogger/AuditEventEntity.ts +++ b/packages/data-store/src/entities/eventLogger/AuditEventEntity.ts @@ -1,8 +1,7 @@ import { ActionSubType, ActionType, InitiatorType, LoggingEventType, LogLevel, SubSystem, System, SystemCorrelationIdType } from '@sphereon/ssi-types' -import { BaseEntity, Column, CreateDateColumn, Entity, PrimaryGeneratedColumn, UpdateDateColumn } from 'typeorm' import { CredentialType, PartyCorrelationType } from '@sphereon/ssi-sdk.core' import { typeOrmDateTime } from '@sphereon/ssi-sdk.agent-config' -import { NonPersistedAuditLoggingEvent, NonPersistedActivityLoggingEvent } from '../../types' +import { BaseEntity, Column, CreateDateColumn, Entity, PrimaryGeneratedColumn, UpdateDateColumn } from 'typeorm' //TODO this entity, also contains some optional fields that are related to another event type (Activity) later we might want to refactor and reorganize this. // For now I've added a discriminator value called eventType that can be one of the three types of events: 1. General, 2. Audit, and 3. Activity @@ -86,58 +85,3 @@ export class AuditEventEntity extends BaseEntity { @UpdateDateColumn({ name: 'last_updated_at', nullable: false, type: typeOrmDateTime() }) lastUpdatedAt!: Date } - -export const auditEventEntityFrom = (args: NonPersistedAuditLoggingEvent): AuditEventEntity => { - const auditEventEntity: AuditEventEntity = new AuditEventEntity() - auditEventEntity.type = LoggingEventType.AUDIT - auditEventEntity.timestamp = args.timestamp - auditEventEntity.level = args.level - auditEventEntity.correlationId = args.correlationId - auditEventEntity.system = args.system - auditEventEntity.subSystemType = args.subSystemType - auditEventEntity.actionType = args.actionType - auditEventEntity.actionSubType = args.actionSubType - auditEventEntity.initiatorType = args.initiatorType - auditEventEntity.systemCorrelationIdType = args.systemCorrelationIdType - auditEventEntity.systemCorrelationId = args.systemCorrelationId - auditEventEntity.systemAlias = args.systemAlias - auditEventEntity.partyCorrelationType = args.partyCorrelationType - auditEventEntity.partyCorrelationId = args.partyCorrelationId - auditEventEntity.partyAlias = args.partyAlias - auditEventEntity.description = args.description - auditEventEntity.partyCorrelationType = args.partyCorrelationType - auditEventEntity.data = JSON.stringify(args.data) - auditEventEntity.diagnosticData = JSON.stringify(args.diagnosticData) - - return auditEventEntity -} - -export const activityEventEntityFrom = (args: NonPersistedActivityLoggingEvent): AuditEventEntity => { - const activityEventEntity: AuditEventEntity = new AuditEventEntity() - activityEventEntity.type = LoggingEventType.ACTIVITY - activityEventEntity.timestamp = args.timestamp - activityEventEntity.level = args.level - activityEventEntity.correlationId = args.correlationId - activityEventEntity.system = args.system - activityEventEntity.subSystemType = args.subSystemType - activityEventEntity.actionType = args.actionType - activityEventEntity.actionSubType = args.actionSubType - activityEventEntity.initiatorType = args.initiatorType - activityEventEntity.systemCorrelationIdType = args.systemCorrelationIdType - activityEventEntity.systemCorrelationId = args.systemCorrelationId - activityEventEntity.systemAlias = args.systemAlias - activityEventEntity.partyCorrelationType = args.partyCorrelationType - activityEventEntity.partyCorrelationId = args.partyCorrelationId - activityEventEntity.partyAlias = args.partyAlias - activityEventEntity.description = args.description - activityEventEntity.partyCorrelationType = args.partyCorrelationType - activityEventEntity.data = JSON.stringify(args.data) - activityEventEntity.sharePurpose = args.sharePurpose - activityEventEntity.credentialType = args.credentialType - activityEventEntity.originalCredential = args.originalCredential - activityEventEntity.credentialHash = args.credentialHash - activityEventEntity.parentCredentialHash = args.parentCredentialHash - activityEventEntity.diagnosticData = JSON.stringify(args.diagnosticData) - - return activityEventEntity -} diff --git a/packages/data-store/src/entities/issuanceBranding/BackgroundAttributesEntity.ts b/packages/data-store/src/entities/issuanceBranding/BackgroundAttributesEntity.ts index fb0ecee82..6f4fa48c6 100644 --- a/packages/data-store/src/entities/issuanceBranding/BackgroundAttributesEntity.ts +++ b/packages/data-store/src/entities/issuanceBranding/BackgroundAttributesEntity.ts @@ -1,8 +1,7 @@ import { BaseEntity, BeforeInsert, BeforeUpdate, Column, Entity, JoinColumn, OneToOne, PrimaryGeneratedColumn } from 'typeorm' -import { IBasicBackgroundAttributes } from '../../types' -import { ImageAttributesEntity, imageAttributesEntityFrom } from './ImageAttributesEntity' +import { ImageAttributesEntity } from './ImageAttributesEntity' import { validate, Validate, ValidationError } from 'class-validator' -import { isEmptyString, IsNonEmptyStringConstraint } from '../validators' +import { IsNonEmptyStringConstraint } from '../validators' @Entity('BackgroundAttributes') export class BackgroundAttributesEntity extends BaseEntity { @@ -32,11 +31,3 @@ export class BackgroundAttributesEntity extends BaseEntity { return } } - -export const backgroundAttributesEntityFrom = (args: IBasicBackgroundAttributes): BackgroundAttributesEntity => { - const backgroundAttributesEntity: BackgroundAttributesEntity = new BackgroundAttributesEntity() - backgroundAttributesEntity.color = isEmptyString(args.color) ? undefined : args.color - backgroundAttributesEntity.image = args.image ? imageAttributesEntityFrom(args.image) : undefined - - return backgroundAttributesEntity -} diff --git a/packages/data-store/src/entities/issuanceBranding/CredentialBrandingEntity.ts b/packages/data-store/src/entities/issuanceBranding/CredentialBrandingEntity.ts index 68b4c0419..33648a7dc 100644 --- a/packages/data-store/src/entities/issuanceBranding/CredentialBrandingEntity.ts +++ b/packages/data-store/src/entities/issuanceBranding/CredentialBrandingEntity.ts @@ -12,8 +12,7 @@ import { } from 'typeorm' import { ArrayMinSize, IsNotEmpty, validate, ValidationError } from 'class-validator' import { typeOrmDateTime } from '@sphereon/ssi-sdk.agent-config' -import { CredentialLocaleBrandingEntity, credentialLocaleBrandingEntityFrom } from './CredentialLocaleBrandingEntity' -import { IBasicCredentialBranding, IBasicCredentialLocaleBranding } from '../../types' +import { CredentialLocaleBrandingEntity } from './CredentialLocaleBrandingEntity' @Entity('CredentialBranding') @Index('IDX_CredentialBrandingEntity_vcHash', ['vcHash']) @@ -66,14 +65,3 @@ export class CredentialBrandingEntity extends BaseEntity { return } } - -export const credentialBrandingEntityFrom = (args: IBasicCredentialBranding): CredentialBrandingEntity => { - const credentialBrandingEntity: CredentialBrandingEntity = new CredentialBrandingEntity() - credentialBrandingEntity.issuerCorrelationId = args.issuerCorrelationId - credentialBrandingEntity.vcHash = args.vcHash - credentialBrandingEntity.localeBranding = args.localeBranding.map((localeBranding: IBasicCredentialLocaleBranding) => - credentialLocaleBrandingEntityFrom(localeBranding), - ) - - return credentialBrandingEntity -} diff --git a/packages/data-store/src/entities/issuanceBranding/CredentialLocaleBrandingEntity.ts b/packages/data-store/src/entities/issuanceBranding/CredentialLocaleBrandingEntity.ts index 5920a5426..de0b17662 100644 --- a/packages/data-store/src/entities/issuanceBranding/CredentialLocaleBrandingEntity.ts +++ b/packages/data-store/src/entities/issuanceBranding/CredentialLocaleBrandingEntity.ts @@ -1,11 +1,6 @@ import { ChildEntity, Column, JoinColumn, ManyToOne, Index } from 'typeorm' -import { IBasicCredentialLocaleBranding } from '../../types' -import { backgroundAttributesEntityFrom } from './BackgroundAttributesEntity' import { CredentialBrandingEntity } from './CredentialBrandingEntity' -import { imageAttributesEntityFrom } from './ImageAttributesEntity' import { BaseLocaleBrandingEntity } from './BaseLocaleBrandingEntity' -import { textAttributesEntityFrom } from './TextAttributesEntity' -import { isEmptyString } from '../validators' @ChildEntity('CredentialLocaleBranding') @Index('IDX_CredentialLocaleBrandingEntity_credentialBranding_locale', ['credentialBranding', 'locale'], { unique: true }) @@ -19,15 +14,3 @@ export class CredentialLocaleBrandingEntity extends BaseLocaleBrandingEntity { @Column('text', { name: 'credentialBrandingId', nullable: false }) credentialBrandingId!: string } - -export const credentialLocaleBrandingEntityFrom = (args: IBasicCredentialLocaleBranding): CredentialLocaleBrandingEntity => { - const credentialLocaleBrandingEntity: CredentialLocaleBrandingEntity = new CredentialLocaleBrandingEntity() - credentialLocaleBrandingEntity.alias = isEmptyString(args.alias) ? undefined : args.alias - credentialLocaleBrandingEntity.locale = args.locale ? args.locale : '' - credentialLocaleBrandingEntity.logo = args.logo ? imageAttributesEntityFrom(args.logo) : undefined - credentialLocaleBrandingEntity.description = isEmptyString(args.description) ? undefined : args.description - credentialLocaleBrandingEntity.background = args.background ? backgroundAttributesEntityFrom(args.background) : undefined - credentialLocaleBrandingEntity.text = args.text ? textAttributesEntityFrom(args.text) : undefined - - return credentialLocaleBrandingEntity -} diff --git a/packages/data-store/src/entities/issuanceBranding/ImageAttributesEntity.ts b/packages/data-store/src/entities/issuanceBranding/ImageAttributesEntity.ts index ccfa49400..83fd72e73 100644 --- a/packages/data-store/src/entities/issuanceBranding/ImageAttributesEntity.ts +++ b/packages/data-store/src/entities/issuanceBranding/ImageAttributesEntity.ts @@ -1,8 +1,7 @@ import { BaseEntity, BeforeInsert, BeforeUpdate, Column, Entity, JoinColumn, OneToOne, PrimaryGeneratedColumn } from 'typeorm' -import { IBasicImageAttributes } from '../../types' -import { ImageDimensionsEntity, imageDimensionsEntityFrom } from './ImageDimensionsEntity' +import { ImageDimensionsEntity } from './ImageDimensionsEntity' import { validate, Validate, ValidationError } from 'class-validator' -import { isEmptyString, IsNonEmptyStringConstraint } from '../validators' +import { IsNonEmptyStringConstraint } from '../validators' @Entity('ImageAttributes') export class ImageAttributesEntity extends BaseEntity { @@ -44,14 +43,3 @@ export class ImageAttributesEntity extends BaseEntity { return } } - -export const imageAttributesEntityFrom = (args: IBasicImageAttributes): ImageAttributesEntity => { - const imageAttributesEntity: ImageAttributesEntity = new ImageAttributesEntity() - imageAttributesEntity.uri = isEmptyString(args.uri) ? undefined : args.uri - imageAttributesEntity.dataUri = isEmptyString(args.dataUri) ? undefined : args.dataUri - imageAttributesEntity.mediaType = isEmptyString(args.mediaType) ? undefined : args.mediaType - imageAttributesEntity.alt = isEmptyString(args.alt) ? undefined : args.alt - imageAttributesEntity.dimensions = args.dimensions ? imageDimensionsEntityFrom(args.dimensions) : undefined - - return imageAttributesEntity -} diff --git a/packages/data-store/src/entities/issuanceBranding/ImageDimensionsEntity.ts b/packages/data-store/src/entities/issuanceBranding/ImageDimensionsEntity.ts index 2b5a6ac1d..20ed63364 100644 --- a/packages/data-store/src/entities/issuanceBranding/ImageDimensionsEntity.ts +++ b/packages/data-store/src/entities/issuanceBranding/ImageDimensionsEntity.ts @@ -1,5 +1,4 @@ import { BaseEntity, Column, Entity, PrimaryGeneratedColumn } from 'typeorm' -import { IBasicImageDimensions } from '../../types' @Entity('ImageDimensions') export class ImageDimensionsEntity extends BaseEntity { @@ -12,11 +11,3 @@ export class ImageDimensionsEntity extends BaseEntity { @Column('integer', { name: 'height', nullable: false, unique: false }) height!: number } - -export const imageDimensionsEntityFrom = (args: IBasicImageDimensions): ImageDimensionsEntity => { - const imageDimensionsEntity: ImageDimensionsEntity = new ImageDimensionsEntity() - imageDimensionsEntity.width = args.width - imageDimensionsEntity.height = args.height - - return imageDimensionsEntity -} diff --git a/packages/data-store/src/entities/issuanceBranding/IssuerBrandingEntity.ts b/packages/data-store/src/entities/issuanceBranding/IssuerBrandingEntity.ts index 041637431..514c3e13d 100644 --- a/packages/data-store/src/entities/issuanceBranding/IssuerBrandingEntity.ts +++ b/packages/data-store/src/entities/issuanceBranding/IssuerBrandingEntity.ts @@ -12,8 +12,7 @@ import { } from 'typeorm' import { ArrayMinSize, IsNotEmpty, validate, ValidationError } from 'class-validator' import { typeOrmDateTime } from '@sphereon/ssi-sdk.agent-config' -import { IssuerLocaleBrandingEntity, issuerLocaleBrandingEntityFrom } from './IssuerLocaleBrandingEntity' -import { IBasicIssuerBranding, IBasicIssuerLocaleBranding } from '../../types' +import { IssuerLocaleBrandingEntity } from './IssuerLocaleBrandingEntity' @Entity('IssuerBranding') @Index('IDX_IssuerBrandingEntity_issuerCorrelationId', ['issuerCorrelationId']) @@ -61,13 +60,3 @@ export class IssuerBrandingEntity extends BaseEntity { return } } - -export const issuerBrandingEntityFrom = (args: IBasicIssuerBranding): IssuerBrandingEntity => { - const issuerBrandingEntity: IssuerBrandingEntity = new IssuerBrandingEntity() - issuerBrandingEntity.issuerCorrelationId = args.issuerCorrelationId - issuerBrandingEntity.localeBranding = args.localeBranding.map((localeBranding: IBasicIssuerLocaleBranding) => - issuerLocaleBrandingEntityFrom(localeBranding), - ) - - return issuerBrandingEntity -} diff --git a/packages/data-store/src/entities/issuanceBranding/IssuerLocaleBrandingEntity.ts b/packages/data-store/src/entities/issuanceBranding/IssuerLocaleBrandingEntity.ts index 86752066d..272c565b9 100644 --- a/packages/data-store/src/entities/issuanceBranding/IssuerLocaleBrandingEntity.ts +++ b/packages/data-store/src/entities/issuanceBranding/IssuerLocaleBrandingEntity.ts @@ -1,11 +1,8 @@ import { ChildEntity, Column, Index, JoinColumn, ManyToOne } from 'typeorm' -import { IBasicIssuerLocaleBranding } from '../../types' -import { backgroundAttributesEntityFrom } from './BackgroundAttributesEntity' -import { imageAttributesEntityFrom } from './ImageAttributesEntity' import { IssuerBrandingEntity } from './IssuerBrandingEntity' import { BaseLocaleBrandingEntity } from './BaseLocaleBrandingEntity' -import { textAttributesEntityFrom } from './TextAttributesEntity' -import { isEmptyString } from '../validators' +import { IsNonEmptyStringConstraint } from '../validators' +import { Validate } from 'class-validator' @ChildEntity('IssuerLocaleBranding') @Index('IDX_IssuerLocaleBrandingEntity_issuerBranding_locale', ['issuerBranding', 'locale'], { unique: true }) @@ -16,18 +13,21 @@ export class IssuerLocaleBrandingEntity extends BaseLocaleBrandingEntity { @JoinColumn({ name: 'issuerBrandingId' }) issuerBranding!: IssuerBrandingEntity - @Column('text', { name: 'issuerBrandingId', nullable: false }) - issuerBrandingId!: string -} + @Column('text', { name: 'client_uri', nullable: true, unique: false }) + @Validate(IsNonEmptyStringConstraint, { message: 'Blank client uris are not allowed' }) + clientUri?: string + + @Column('text', { name: 'tos_uri', nullable: true, unique: false }) + @Validate(IsNonEmptyStringConstraint, { message: 'Blank tos uris are not allowed' }) + tosUri?: string -export const issuerLocaleBrandingEntityFrom = (args: IBasicIssuerLocaleBranding): IssuerLocaleBrandingEntity => { - const issuerLocaleBrandingEntity: IssuerLocaleBrandingEntity = new IssuerLocaleBrandingEntity() - issuerLocaleBrandingEntity.alias = isEmptyString(args.alias) ? undefined : args.alias - issuerLocaleBrandingEntity.locale = args.locale ? args.locale : '' - issuerLocaleBrandingEntity.logo = args.logo ? imageAttributesEntityFrom(args.logo) : undefined - issuerLocaleBrandingEntity.description = isEmptyString(args.description) ? undefined : args.description - issuerLocaleBrandingEntity.background = args.background ? backgroundAttributesEntityFrom(args.background) : undefined - issuerLocaleBrandingEntity.text = args.text ? textAttributesEntityFrom(args.text) : undefined + @Column('text', { name: 'policy_uri', nullable: true, unique: false }) + @Validate(IsNonEmptyStringConstraint, { message: 'Blank policy uris are not allowed' }) + policyUri?: string - return issuerLocaleBrandingEntity + @Column('simple-array', { name: 'contacts', nullable: true, unique: false }) + contacts?: Array + + @Column('text', { name: 'issuerBrandingId', nullable: false }) + issuerBrandingId!: string } diff --git a/packages/data-store/src/entities/issuanceBranding/TextAttributesEntity.ts b/packages/data-store/src/entities/issuanceBranding/TextAttributesEntity.ts index e9931c1ac..a9aa08a78 100644 --- a/packages/data-store/src/entities/issuanceBranding/TextAttributesEntity.ts +++ b/packages/data-store/src/entities/issuanceBranding/TextAttributesEntity.ts @@ -1,7 +1,6 @@ import { BaseEntity, BeforeInsert, BeforeUpdate, Column, Entity, PrimaryGeneratedColumn } from 'typeorm' -import { IBasicTextAttributes } from '../../types' import { validate, Validate, ValidationError } from 'class-validator' -import { isEmptyString, IsNonEmptyStringConstraint } from '../validators' +import { IsNonEmptyStringConstraint } from '../validators' @Entity('TextAttributes') export class TextAttributesEntity extends BaseEntity { @@ -22,10 +21,3 @@ export class TextAttributesEntity extends BaseEntity { return } } - -export const textAttributesEntityFrom = (args: IBasicTextAttributes): TextAttributesEntity => { - const textAttributesEntity: TextAttributesEntity = new TextAttributesEntity() - textAttributesEntity.color = isEmptyString(args.color) ? undefined : args.color - - return textAttributesEntity -} diff --git a/packages/data-store/src/eventLogger/EventLoggerStore.ts b/packages/data-store/src/eventLogger/EventLoggerStore.ts index 81f5485fe..b6bc86814 100644 --- a/packages/data-store/src/eventLogger/EventLoggerStore.ts +++ b/packages/data-store/src/eventLogger/EventLoggerStore.ts @@ -3,12 +3,13 @@ import { LoggingEventType, OrPromise } from '@sphereon/ssi-types' import Debug, { Debugger } from 'debug' import { DataSource } from 'typeorm' import { AbstractEventLoggerStore } from './AbstractEventLoggerStore' +import { AuditEventEntity } from '../entities/eventLogger/AuditEventEntity' import { activityEventEntityFrom, - AuditEventEntity, - auditEventEntityFrom -} from '../entities/eventLogger/AuditEventEntity' -import { activityEventFrom, auditEventFrom } from '../utils/eventLogger/MappingUtils' + activityEventFrom, + auditEventEntityFrom, + auditEventFrom +} from '../utils/eventLogger/MappingUtils' import { GetActivityEventsArgs, GetAuditEventsArgs, diff --git a/packages/data-store/src/index.ts b/packages/data-store/src/index.ts index 6d6f17b6d..96beb74c3 100644 --- a/packages/data-store/src/index.ts +++ b/packages/data-store/src/index.ts @@ -8,14 +8,14 @@ import { DidAuthConfigEntity } from './entities/contact/DidAuthConfigEntity' import { IdentityEntity } from './entities/contact/IdentityEntity' import { IdentityMetadataItemEntity } from './entities/contact/IdentityMetadataItemEntity' import { OpenIdConfigEntity } from './entities/contact/OpenIdConfigEntity' -import { BackgroundAttributesEntity, backgroundAttributesEntityFrom } from './entities/issuanceBranding/BackgroundAttributesEntity' -import { CredentialBrandingEntity, credentialBrandingEntityFrom } from './entities/issuanceBranding/CredentialBrandingEntity' -import { CredentialLocaleBrandingEntity, credentialLocaleBrandingEntityFrom } from './entities/issuanceBranding/CredentialLocaleBrandingEntity' -import { ImageAttributesEntity, imageAttributesEntityFrom } from './entities/issuanceBranding/ImageAttributesEntity' -import { ImageDimensionsEntity, imageDimensionsEntityFrom } from './entities/issuanceBranding/ImageDimensionsEntity' -import { IssuerLocaleBrandingEntity, issuerLocaleBrandingEntityFrom } from './entities/issuanceBranding/IssuerLocaleBrandingEntity' -import { IssuerBrandingEntity, issuerBrandingEntityFrom } from './entities/issuanceBranding/IssuerBrandingEntity' -import { TextAttributesEntity, textAttributesEntityFrom } from './entities/issuanceBranding/TextAttributesEntity' +import { BackgroundAttributesEntity } from './entities/issuanceBranding/BackgroundAttributesEntity' +import { CredentialBrandingEntity } from './entities/issuanceBranding/CredentialBrandingEntity' +import { CredentialLocaleBrandingEntity } from './entities/issuanceBranding/CredentialLocaleBrandingEntity' +import { ImageAttributesEntity } from './entities/issuanceBranding/ImageAttributesEntity' +import { ImageDimensionsEntity } from './entities/issuanceBranding/ImageDimensionsEntity' +import { IssuerLocaleBrandingEntity } from './entities/issuanceBranding/IssuerLocaleBrandingEntity' +import { IssuerBrandingEntity } from './entities/issuanceBranding/IssuerBrandingEntity' +import { TextAttributesEntity } from './entities/issuanceBranding/TextAttributesEntity' import { StatusListEntity } from './entities/statusList2021/StatusList2021Entity' import { StatusListEntryEntity } from './entities/statusList2021/StatusList2021EntryEntity' import { MachineStateInfoEntity } from './entities/machineState/MachineStateInfoEntity' @@ -33,10 +33,8 @@ export { DigitalCredentialStore } from './digitalCredential/DigitalCredentialSto export { AbstractIssuanceBrandingStore } from './issuanceBranding/AbstractIssuanceBrandingStore' export { IssuanceBrandingStore } from './issuanceBranding/IssuanceBrandingStore' export { StatusListStore } from './statusList/StatusListStore' -import { AuditEventEntity, auditEventEntityFrom } from './entities/eventLogger/AuditEventEntity' +import { AuditEventEntity } from './entities/eventLogger/AuditEventEntity' import { DigitalCredentialEntity } from './entities/digitalCredential/DigitalCredentialEntity' -import { digitalCredentialFrom, digitalCredentialsFrom, nonPersistedDigitalCredentialEntityFromAddArgs } from './utils/digitalCredential/MappingUtils' -import { isPresentationDefinitionEqual } from './utils/presentationDefinition/MappingUtils' import { PresentationDefinitionItemEntity } from './entities/presentationDefinition/PresentationDefinitionItemEntity' import { ContactMetadataItemEntity } from './entities/contact/ContactMetadataItemEntity' export { AbstractEventLoggerStore } from './eventLogger/AbstractEventLoggerStore' @@ -59,6 +57,10 @@ export { export * from './types' export * from './utils/contact/MappingUtils' export * from './utils/digitalCredential/MappingUtils' +export * from './utils/eventLogger/MappingUtils' +export * from './utils/issuanceBranding/MappingUtils' +export * from './utils/presentationDefinition/MappingUtils' +export * from './utils/hasher' export const DataStoreContactEntities = [ BaseConfigEntity, @@ -133,28 +135,13 @@ export { IssuerLocaleBrandingEntity, ElectronicAddressEntity, PhysicalAddressEntity, - backgroundAttributesEntityFrom, - credentialBrandingEntityFrom, - imageAttributesEntityFrom, - imageDimensionsEntityFrom, - issuerBrandingEntityFrom, - textAttributesEntityFrom, - issuerLocaleBrandingEntityFrom, - credentialLocaleBrandingEntityFrom, IStatusListEntity, IStatusListEntryEntity, StatusListEntity, StatusListEntryEntity, AuditEventEntity, - auditEventEntityFrom, DigitalCredentialEntity, - digitalCredentialFrom, - digitalCredentialsFrom, - nonPersistedDigitalCredentialEntityFromAddArgs, MachineStateInfoEntity, PresentationDefinitionItemEntity, - isPresentationDefinitionEqual, ContactMetadataItemEntity, } - -export * from './utils/hasher' diff --git a/packages/data-store/src/issuanceBranding/IssuanceBrandingStore.ts b/packages/data-store/src/issuanceBranding/IssuanceBrandingStore.ts index a2c7cc8f3..eb486e0f0 100644 --- a/packages/data-store/src/issuanceBranding/IssuanceBrandingStore.ts +++ b/packages/data-store/src/issuanceBranding/IssuanceBrandingStore.ts @@ -1,17 +1,25 @@ +import { OrPromise } from '@sphereon/ssi-types' import Debug from 'debug' import { DataSource, DeleteResult, In, Not, Repository } from 'typeorm' -import { OrPromise } from '@sphereon/ssi-types' +import { + credentialBrandingEntityFrom, + credentialBrandingFrom, + credentialLocaleBrandingEntityFrom, + issuerBrandingEntityFrom, + issuerBrandingFrom, + issuerLocaleBrandingEntityFrom, + localeBrandingFrom +} from '../utils/issuanceBranding/MappingUtils' import { BackgroundAttributesEntity } from '../entities/issuanceBranding/BackgroundAttributesEntity' import { ImageAttributesEntity } from '../entities/issuanceBranding/ImageAttributesEntity' import { ImageDimensionsEntity } from '../entities/issuanceBranding/ImageDimensionsEntity' -import { IssuerBrandingEntity, issuerBrandingEntityFrom } from '../entities/issuanceBranding/IssuerBrandingEntity' -import { CredentialBrandingEntity, credentialBrandingEntityFrom } from '../entities/issuanceBranding/CredentialBrandingEntity' -import { CredentialLocaleBrandingEntity, credentialLocaleBrandingEntityFrom } from '../entities/issuanceBranding/CredentialLocaleBrandingEntity' -import { IssuerLocaleBrandingEntity, issuerLocaleBrandingEntityFrom } from '../entities/issuanceBranding/IssuerLocaleBrandingEntity' +import { IssuerBrandingEntity } from '../entities/issuanceBranding/IssuerBrandingEntity' +import { CredentialBrandingEntity } from '../entities/issuanceBranding/CredentialBrandingEntity' +import { CredentialLocaleBrandingEntity } from '../entities/issuanceBranding/CredentialLocaleBrandingEntity' +import { IssuerLocaleBrandingEntity } from '../entities/issuanceBranding/IssuerLocaleBrandingEntity' import { BaseLocaleBrandingEntity } from '../entities/issuanceBranding/BaseLocaleBrandingEntity' import { TextAttributesEntity } from '../entities/issuanceBranding/TextAttributesEntity' import { AbstractIssuanceBrandingStore } from './AbstractIssuanceBrandingStore' -import { credentialBrandingFrom, issuerBrandingFrom, localeBrandingFrom } from '../utils/issuanceBranding/MappingUtils' import { IAddCredentialBrandingArgs, IAddCredentialLocaleBrandingArgs, diff --git a/packages/data-store/src/migrations/postgres/1685628974232-CreateIssuanceBranding.ts b/packages/data-store/src/migrations/postgres/1685628974232-CreateIssuanceBranding.ts index 6ee593785..5fe2e7e04 100644 --- a/packages/data-store/src/migrations/postgres/1685628974232-CreateIssuanceBranding.ts +++ b/packages/data-store/src/migrations/postgres/1685628974232-CreateIssuanceBranding.ts @@ -19,7 +19,7 @@ export class CreateIssuanceBranding1685628974232 implements MigrationInterface { `CREATE TABLE "TextAttributes" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "color" character varying(255), CONSTRAINT "PK_TextAttributes_id" PRIMARY KEY ("id"))`, ) await queryRunner.query( - `CREATE TABLE "BaseLocaleBranding" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "alias" character varying(255), "locale" character varying(255) NOT NULL, "description" character varying(255), "created_at" TIMESTAMP NOT NULL DEFAULT now(), "last_updated_at" TIMESTAMP NOT NULL DEFAULT now(), "credentialBrandingId" uuid, "issuerBrandingId" uuid, "type" character varying NOT NULL, "logoId" uuid, "backgroundId" uuid, "textId" uuid, CONSTRAINT "UQ_logoId" UNIQUE ("logoId"), CONSTRAINT "UQ_backgroundId" UNIQUE ("backgroundId"), CONSTRAINT "UQ_textId" UNIQUE ("textId"), CONSTRAINT "PK_BaseLocaleBranding_id" PRIMARY KEY ("id"))`, + `CREATE TABLE "BaseLocaleBranding" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "alias" character varying(255), "locale" character varying(255) NOT NULL, "description" character varying(255), "created_at" TIMESTAMP NOT NULL DEFAULT now(), "last_updated_at" TIMESTAMP NOT NULL DEFAULT now(), "credentialBrandingId" uuid, "issuerBrandingId" uuid, "type" character varying NOT NULL, "logoId" uuid, "backgroundId" uuid, "textId" uuid, "client_uri" character varying, "tos_uri" character varying, "policy_uri" character varying, "contacts" character varying, CONSTRAINT "UQ_logoId" UNIQUE ("logoId"), CONSTRAINT "UQ_backgroundId" UNIQUE ("backgroundId"), CONSTRAINT "UQ_textId" UNIQUE ("textId"), CONSTRAINT "PK_BaseLocaleBranding_id" PRIMARY KEY ("id"))`, ) await queryRunner.query( `CREATE UNIQUE INDEX "IDX_CredentialLocaleBrandingEntity_credentialBranding_locale" ON "BaseLocaleBranding" ("credentialBrandingId", "locale")`, diff --git a/packages/data-store/src/migrations/postgres/1708525189001-CreateDigitalCredential.ts b/packages/data-store/src/migrations/postgres/1708525189001-CreateDigitalCredential.ts index b0d7e33ab..0c5aa9839 100644 --- a/packages/data-store/src/migrations/postgres/1708525189001-CreateDigitalCredential.ts +++ b/packages/data-store/src/migrations/postgres/1708525189001-CreateDigitalCredential.ts @@ -7,7 +7,7 @@ export class CreateDigitalCredential1708525189001 implements MigrationInterface await queryRunner.query(`CREATE TYPE "digital_document_type" AS ENUM('VC', 'VP', 'C', 'P')`) await queryRunner.query(`CREATE TYPE "digital_regulation_type" AS ENUM('PID', 'QEAA', 'EAA', 'NON_REGULATED')`) await queryRunner.query(`CREATE TYPE "digital_credential_document_format" AS ENUM('JSON_LD', 'JWT', 'SD_JWT', 'MSO_MDOC')`) - await queryRunner.query(`CREATE TYPE "digital_credential_credential_role" AS ENUM('ISSUER', 'VERIFIER', 'HOLDER')`) + await queryRunner.query(`CREATE TYPE "digital_credential_credential_role" AS ENUM('ISSUER', 'VERIFIER', 'HOLDER', 'FEDERATION_TRUST_ANCHOR')`) await queryRunner.query(`CREATE TYPE "digital_credential_correlation_type" AS ENUM('DID', 'KID', 'URL', 'X509_SAN')`) await queryRunner.query(`CREATE TYPE "digital_credential_state_type" AS ENUM('REVOKED', 'VERIFIED', 'EXPIRED')`) diff --git a/packages/data-store/src/migrations/sqlite/1685628973231-CreateIssuanceBranding.ts b/packages/data-store/src/migrations/sqlite/1685628973231-CreateIssuanceBranding.ts index c784fcb75..8516a6052 100644 --- a/packages/data-store/src/migrations/sqlite/1685628973231-CreateIssuanceBranding.ts +++ b/packages/data-store/src/migrations/sqlite/1685628973231-CreateIssuanceBranding.ts @@ -13,7 +13,7 @@ export class CreateIssuanceBranding1685628973231 implements MigrationInterface { ) await queryRunner.query(`CREATE TABLE "TextAttributes" ("id" varchar PRIMARY KEY NOT NULL, "color" varchar(255))`) await queryRunner.query( - `CREATE TABLE "BaseLocaleBranding" ("id" varchar PRIMARY KEY NOT NULL, "alias" varchar(255), "locale" varchar(255) NOT NULL, "description" varchar(255), "created_at" datetime NOT NULL DEFAULT (datetime('now')), "last_updated_at" datetime NOT NULL DEFAULT (datetime('now')), "credentialBrandingId" varchar, "issuerBrandingId" varchar, "type" varchar NOT NULL, "logoId" varchar, "backgroundId" varchar, "textId" varchar, CONSTRAINT "UQ_logoId" UNIQUE ("logoId"), CONSTRAINT "UQ_backgroundId" UNIQUE ("backgroundId"), CONSTRAINT "UQ_textId" UNIQUE ("textId"))`, + `CREATE TABLE "BaseLocaleBranding" ("id" varchar PRIMARY KEY NOT NULL, "alias" varchar(255), "locale" varchar(255) NOT NULL, "description" varchar(255), "created_at" datetime NOT NULL DEFAULT (datetime('now')), "last_updated_at" datetime NOT NULL DEFAULT (datetime('now')), "credentialBrandingId" varchar, "issuerBrandingId" varchar, "type" varchar NOT NULL, "logoId" varchar, "backgroundId" varchar, "textId" varchar, "client_uri" varchar, "tos_uri" varchar, "policy_uri" varchar, "contacts" varchar, CONSTRAINT "UQ_logoId" UNIQUE ("logoId"), CONSTRAINT "UQ_backgroundId" UNIQUE ("backgroundId"), CONSTRAINT "UQ_textId" UNIQUE ("textId"))`, ) await queryRunner.query( `CREATE UNIQUE INDEX "IDX_CredentialLocaleBrandingEntity_credentialBranding_locale" ON "BaseLocaleBranding" ("credentialBrandingId", "locale")`, @@ -51,7 +51,7 @@ export class CreateIssuanceBranding1685628973231 implements MigrationInterface { await queryRunner.query(`DROP INDEX "IDX_IssuerLocaleBrandingEntity_issuerBranding_locale"`) await queryRunner.query(`DROP INDEX "IDX_BaseLocaleBranding_type"`) await queryRunner.query( - `CREATE TABLE "temporary_BaseLocaleBranding" ("id" varchar PRIMARY KEY NOT NULL, "alias" varchar(255), "locale" varchar(255) NOT NULL, "description" varchar(255), "created_at" datetime NOT NULL DEFAULT (datetime('now')), "last_updated_at" datetime NOT NULL DEFAULT (datetime('now')), "credentialBrandingId" varchar, "issuerBrandingId" varchar, "type" varchar NOT NULL, "logoId" varchar, "backgroundId" varchar, "textId" varchar, CONSTRAINT "UQ_logoId" UNIQUE ("logoId"), CONSTRAINT "UQ_backgroundId" UNIQUE ("backgroundId"), CONSTRAINT "UQ_textId" UNIQUE ("textId"), CONSTRAINT "FK_BaseLocaleBranding_logoId" FOREIGN KEY ("logoId") REFERENCES "ImageAttributes" ("id") ON DELETE CASCADE ON UPDATE NO ACTION, CONSTRAINT "FK_BaseLocaleBranding_backgroundId" FOREIGN KEY ("backgroundId") REFERENCES "BackgroundAttributes" ("id") ON DELETE CASCADE ON UPDATE NO ACTION, CONSTRAINT "FK_BaseLocaleBranding_textId" FOREIGN KEY ("textId") REFERENCES "TextAttributes" ("id") ON DELETE CASCADE ON UPDATE NO ACTION, CONSTRAINT "FK_BaseLocaleBranding_credentialBrandingId" FOREIGN KEY ("credentialBrandingId") REFERENCES "CredentialBranding" ("id") ON DELETE CASCADE ON UPDATE NO ACTION, CONSTRAINT "FK_BaseLocaleBranding_issuerBrandingId" FOREIGN KEY ("issuerBrandingId") REFERENCES "IssuerBranding" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`, + `CREATE TABLE "temporary_BaseLocaleBranding" ("id" varchar PRIMARY KEY NOT NULL, "alias" varchar(255), "locale" varchar(255) NOT NULL, "description" varchar(255), "created_at" datetime NOT NULL DEFAULT (datetime('now')), "last_updated_at" datetime NOT NULL DEFAULT (datetime('now')), "credentialBrandingId" varchar, "issuerBrandingId" varchar, "type" varchar NOT NULL, "logoId" varchar, "backgroundId" varchar, "textId" varchar, "client_uri" varchar, "tos_uri" varchar, "policy_uri" varchar, "contacts" varchar, CONSTRAINT "UQ_logoId" UNIQUE ("logoId"), CONSTRAINT "UQ_backgroundId" UNIQUE ("backgroundId"), CONSTRAINT "UQ_textId" UNIQUE ("textId"), CONSTRAINT "FK_BaseLocaleBranding_logoId" FOREIGN KEY ("logoId") REFERENCES "ImageAttributes" ("id") ON DELETE CASCADE ON UPDATE NO ACTION, CONSTRAINT "FK_BaseLocaleBranding_backgroundId" FOREIGN KEY ("backgroundId") REFERENCES "BackgroundAttributes" ("id") ON DELETE CASCADE ON UPDATE NO ACTION, CONSTRAINT "FK_BaseLocaleBranding_textId" FOREIGN KEY ("textId") REFERENCES "TextAttributes" ("id") ON DELETE CASCADE ON UPDATE NO ACTION, CONSTRAINT "FK_BaseLocaleBranding_credentialBrandingId" FOREIGN KEY ("credentialBrandingId") REFERENCES "CredentialBranding" ("id") ON DELETE CASCADE ON UPDATE NO ACTION, CONSTRAINT "FK_BaseLocaleBranding_issuerBrandingId" FOREIGN KEY ("issuerBrandingId") REFERENCES "IssuerBranding" ("id") ON DELETE CASCADE ON UPDATE NO ACTION)`, ) await queryRunner.query( `INSERT INTO "temporary_BaseLocaleBranding"("id", "alias", "locale", "description", "created_at", "last_updated_at", "credentialBrandingId", "issuerBrandingId", "type", "logoId", "backgroundId", "textId") SELECT "id", "alias", "locale", "description", "created_at", "last_updated_at", "credentialBrandingId", "issuerBrandingId", "type", "logoId", "backgroundId", "textId" FROM "BaseLocaleBranding"`, @@ -73,7 +73,7 @@ export class CreateIssuanceBranding1685628973231 implements MigrationInterface { await queryRunner.query(`DROP INDEX "IDX_CredentialLocaleBrandingEntity_credentialBranding_locale"`) await queryRunner.query(`ALTER TABLE "BaseLocaleBranding" RENAME TO "temporary_BaseLocaleBranding"`) await queryRunner.query( - `CREATE TABLE "BaseLocaleBranding" ("id" varchar PRIMARY KEY NOT NULL, "alias" varchar(255), "locale" varchar(255) NOT NULL, "description" varchar(255), "created_at" datetime NOT NULL DEFAULT (datetime('now')), "last_updated_at" datetime NOT NULL DEFAULT (datetime('now')), "credentialBrandingId" varchar, "issuerBrandingId" varchar, "type" varchar NOT NULL, "logoId" varchar, "backgroundId" varchar, "textId" varchar, CONSTRAINT "UQ_logoId" UNIQUE ("logoId"), CONSTRAINT "UQ_backgroundId" UNIQUE ("backgroundId"), CONSTRAINT "UQ_textId" UNIQUE ("textId"))`, + `CREATE TABLE "BaseLocaleBranding" ("id" varchar PRIMARY KEY NOT NULL, "alias" varchar(255), "locale" varchar(255) NOT NULL, "description" varchar(255), "created_at" datetime NOT NULL DEFAULT (datetime('now')), "last_updated_at" datetime NOT NULL DEFAULT (datetime('now')), "credentialBrandingId" varchar, "issuerBrandingId" varchar, "type" varchar NOT NULL, "logoId" varchar, "backgroundId" varchar, "textId" varchar, "client_uri" varchar, "tos_uri" varchar, "policy_uri" varchar, "contacts" varchar, CONSTRAINT "UQ_logoId" UNIQUE ("logoId"), CONSTRAINT "UQ_backgroundId" UNIQUE ("backgroundId"), CONSTRAINT "UQ_textId" UNIQUE ("textId"))`, ) await queryRunner.query( `INSERT INTO "BaseLocaleBranding"("id", "alias", "locale", "description", "created_at", "last_updated_at", "credentialBrandingId", "issuerBrandingId", "type", "logoId", "backgroundId", "textId") SELECT "id", "alias", "locale", "description", "created_at", "last_updated_at", "credentialBrandingId", "issuerBrandingId", "type", "logoId", "backgroundId", "textId" FROM "BaseLocaleBranding"`, diff --git a/packages/data-store/src/migrations/sqlite/1708525189002-CreateDigitalCredential.ts b/packages/data-store/src/migrations/sqlite/1708525189002-CreateDigitalCredential.ts index 673884459..449f62243 100644 --- a/packages/data-store/src/migrations/sqlite/1708525189002-CreateDigitalCredential.ts +++ b/packages/data-store/src/migrations/sqlite/1708525189002-CreateDigitalCredential.ts @@ -12,7 +12,7 @@ export class CreateDigitalCredential1708525189002 implements MigrationInterface "document_type" varchar CHECK( "document_type" IN ('VC', 'VP', 'C', 'P') ) NOT NULL, "regulation_type" varchar CHECK( "regulation_type" IN ('PID', 'QEAA', 'EAA', 'NON_REGULATED') ) NOT NULL DEFAULT 'NON_REGULATED', "document_format" varchar CHECK( "document_format" IN ('JSON_LD', 'JWT', 'SD_JWT', 'MSO_MDOC') ) NOT NULL, - "credential_role" varchar CHECK( "credential_role" IN ('ISSUER', 'VERIFIER', 'HOLDER') ) NOT NULL, + "credential_role" varchar CHECK( "credential_role" IN ('ISSUER', 'VERIFIER', 'HOLDER', 'FEDERATION_TRUST_ANCHOR') ) NOT NULL, "raw_document" text NOT NULL, "uniform_document" text NOT NULL, "credential_id" text, diff --git a/packages/data-store/src/types/contact/contact.ts b/packages/data-store/src/types/contact/contact.ts index a9d3bbfe3..9e76c9b32 100644 --- a/packages/data-store/src/types/contact/contact.ts +++ b/packages/data-store/src/types/contact/contact.ts @@ -1,6 +1,6 @@ import { ManagedIdentifierOptsOrResult } from '@sphereon/ssi-sdk-ext.identifier-resolution' import { IIdentifier } from '@veramo/core' -import { ILocaleBranding } from '../issuanceBranding/issuanceBranding' +import { IIssuerLocaleBranding } from '../issuanceBranding/issuanceBranding' import { CredentialRole } from '../digitalCredential/digitalCredential' export type MetadataTypes = string | number | Date | boolean | undefined @@ -26,7 +26,7 @@ export type Party = { contact: Contact partyType: PartyType /** - * TODO: Integrate branding logic here in the future. + * TODO: Integrate branding logic here in the future. What we should do is make the issuance branding plugin part of the contact-manager and retrieve any branding there is. * * Currently, we are only defining the branding type within the SDK without implementing the associated logic. This is because: * 1. We are combining two types from the SSI-SDK to create a new type that will be used across multiple places in the wallets (web & mobile). @@ -35,7 +35,7 @@ export type Party = { * * For now, we are defining the type here and will use it in the mobile wallet has the logic for it. This is a temporary solution until we have the resources to integrate the branding logic fully. */ - branding?: ILocaleBranding + branding?: IIssuerLocaleBranding relationships: Array createdAt: Date lastUpdatedAt: Date diff --git a/packages/data-store/src/types/digitalCredential/digitalCredential.ts b/packages/data-store/src/types/digitalCredential/digitalCredential.ts index 982b7e3c9..86ef610e5 100644 --- a/packages/data-store/src/types/digitalCredential/digitalCredential.ts +++ b/packages/data-store/src/types/digitalCredential/digitalCredential.ts @@ -93,6 +93,7 @@ export enum CredentialRole { ISSUER = 'ISSUER', VERIFIER = 'VERIFIER', HOLDER = 'HOLDER', + FEDERATION_TRUST_ANCHOR = 'FEDERATION_TRUST_ANCHOR' } export enum CredentialStateType { diff --git a/packages/data-store/src/types/issuanceBranding/issuanceBranding.ts b/packages/data-store/src/types/issuanceBranding/issuanceBranding.ts index 609541825..ee0449172 100644 --- a/packages/data-store/src/types/issuanceBranding/issuanceBranding.ts +++ b/packages/data-store/src/types/issuanceBranding/issuanceBranding.ts @@ -80,17 +80,23 @@ export interface IPartialCredentialBranding extends Partial +} export interface IBasicIssuerLocaleBranding extends Omit { logo?: IBasicImageAttributes background?: IBasicBackgroundAttributes text?: IBasicTextAttributes } -export interface IPartialIssuerLocaleBranding extends Partial> { +export interface IPartialIssuerLocaleBranding extends Partial> { logo?: IPartialImageAttributes background?: IPartialBackgroundAttributes text?: IPartialTextAttributes + contacts?: string } export interface IIssuerBranding { @@ -103,7 +109,7 @@ export interface IIssuerBranding { export interface IBasicIssuerBranding extends Omit { localeBranding: Array } -export interface IPartialIssuerBranding extends Partial> { +export interface IPartialIssuerBranding extends Partial> { localeBranding?: IPartialIssuerLocaleBranding } diff --git a/packages/data-store/src/utils/eventLogger/MappingUtils.ts b/packages/data-store/src/utils/eventLogger/MappingUtils.ts index 1ac75d4bf..5917312d2 100644 --- a/packages/data-store/src/utils/eventLogger/MappingUtils.ts +++ b/packages/data-store/src/utils/eventLogger/MappingUtils.ts @@ -1,7 +1,8 @@ -import { AuditEventEntity } from '../../entities/eventLogger/AuditEventEntity' import { ActivityLoggingEvent, AuditLoggingEvent } from '@sphereon/ssi-sdk.core' import { LoggingEventType } from '@sphereon/ssi-types' import { replaceNullWithUndefined } from '../FormattingUtils' +import { AuditEventEntity } from '../../entities/eventLogger/AuditEventEntity' +import { NonPersistedActivityLoggingEvent, NonPersistedAuditLoggingEvent } from '../../types' export const auditEventFrom = (event: AuditEventEntity): AuditLoggingEvent => { const result: AuditLoggingEvent = { @@ -29,8 +30,32 @@ export const auditEventFrom = (event: AuditEventEntity): AuditLoggingEvent => { return replaceNullWithUndefined(result) } -export const activityEventFrom = (event: AuditEventEntity): ActivityLoggingEvent => { +export const auditEventEntityFrom = (args: NonPersistedAuditLoggingEvent): AuditEventEntity => { + const auditEventEntity: AuditEventEntity = new AuditEventEntity() + auditEventEntity.type = LoggingEventType.AUDIT + auditEventEntity.timestamp = args.timestamp + auditEventEntity.level = args.level + auditEventEntity.correlationId = args.correlationId + auditEventEntity.system = args.system + auditEventEntity.subSystemType = args.subSystemType + auditEventEntity.actionType = args.actionType + auditEventEntity.actionSubType = args.actionSubType + auditEventEntity.initiatorType = args.initiatorType + auditEventEntity.systemCorrelationIdType = args.systemCorrelationIdType + auditEventEntity.systemCorrelationId = args.systemCorrelationId + auditEventEntity.systemAlias = args.systemAlias + auditEventEntity.partyCorrelationType = args.partyCorrelationType + auditEventEntity.partyCorrelationId = args.partyCorrelationId + auditEventEntity.partyAlias = args.partyAlias + auditEventEntity.description = args.description + auditEventEntity.partyCorrelationType = args.partyCorrelationType + auditEventEntity.data = JSON.stringify(args.data) + auditEventEntity.diagnosticData = JSON.stringify(args.diagnosticData) + + return auditEventEntity +} +export const activityEventFrom = (event: AuditEventEntity): ActivityLoggingEvent => { const result: ActivityLoggingEvent = { id: event.id, type: LoggingEventType.ACTIVITY, @@ -59,3 +84,33 @@ export const activityEventFrom = (event: AuditEventEntity): ActivityLoggingEvent return replaceNullWithUndefined(result) } + +export const activityEventEntityFrom = (args: NonPersistedActivityLoggingEvent): AuditEventEntity => { + const activityEventEntity: AuditEventEntity = new AuditEventEntity() + activityEventEntity.type = LoggingEventType.ACTIVITY + activityEventEntity.timestamp = args.timestamp + activityEventEntity.level = args.level + activityEventEntity.correlationId = args.correlationId + activityEventEntity.system = args.system + activityEventEntity.subSystemType = args.subSystemType + activityEventEntity.actionType = args.actionType + activityEventEntity.actionSubType = args.actionSubType + activityEventEntity.initiatorType = args.initiatorType + activityEventEntity.systemCorrelationIdType = args.systemCorrelationIdType + activityEventEntity.systemCorrelationId = args.systemCorrelationId + activityEventEntity.systemAlias = args.systemAlias + activityEventEntity.partyCorrelationType = args.partyCorrelationType + activityEventEntity.partyCorrelationId = args.partyCorrelationId + activityEventEntity.partyAlias = args.partyAlias + activityEventEntity.description = args.description + activityEventEntity.partyCorrelationType = args.partyCorrelationType + activityEventEntity.data = JSON.stringify(args.data) + activityEventEntity.sharePurpose = args.sharePurpose + activityEventEntity.credentialType = args.credentialType + activityEventEntity.originalCredential = args.originalCredential + activityEventEntity.credentialHash = args.credentialHash + activityEventEntity.parentCredentialHash = args.parentCredentialHash + activityEventEntity.diagnosticData = JSON.stringify(args.diagnosticData) + + return activityEventEntity +} diff --git a/packages/data-store/src/utils/issuanceBranding/MappingUtils.ts b/packages/data-store/src/utils/issuanceBranding/MappingUtils.ts index de0225a35..ed3417aa5 100644 --- a/packages/data-store/src/utils/issuanceBranding/MappingUtils.ts +++ b/packages/data-store/src/utils/issuanceBranding/MappingUtils.ts @@ -1,8 +1,27 @@ +import { replaceNullWithUndefined } from '../FormattingUtils' +import { isEmptyString } from '../../entities/validators' import { CredentialBrandingEntity } from '../../entities/issuanceBranding/CredentialBrandingEntity' import { BaseLocaleBrandingEntity } from '../../entities/issuanceBranding/BaseLocaleBrandingEntity' import { IssuerBrandingEntity } from '../../entities/issuanceBranding/IssuerBrandingEntity' -import { replaceNullWithUndefined } from '../FormattingUtils' -import { ICredentialBranding, IIssuerBranding, ILocaleBranding } from '../../types' +import { ImageAttributesEntity } from '../../entities/issuanceBranding/ImageAttributesEntity' +import { BackgroundAttributesEntity } from '../../entities/issuanceBranding/BackgroundAttributesEntity' +import { TextAttributesEntity } from '../../entities/issuanceBranding/TextAttributesEntity' +import { IssuerLocaleBrandingEntity } from '../../entities/issuanceBranding/IssuerLocaleBrandingEntity' +import { CredentialLocaleBrandingEntity } from '../../entities/issuanceBranding/CredentialLocaleBrandingEntity' +import { ImageDimensionsEntity } from '../../entities/issuanceBranding/ImageDimensionsEntity' +import { + IBasicBackgroundAttributes, + IBasicCredentialBranding, + IBasicCredentialLocaleBranding, + IBasicImageAttributes, + IBasicImageDimensions, + IBasicIssuerBranding, + IBasicIssuerLocaleBranding, + IBasicTextAttributes, + ICredentialBranding, + IIssuerBranding, + ILocaleBranding +} from '../../types' export const credentialBrandingFrom = (credentialBranding: CredentialBrandingEntity): ICredentialBranding => { const result: ICredentialBranding = { @@ -30,3 +49,87 @@ export const localeBrandingFrom = (localeBranding: BaseLocaleBrandingEntity): IL return replaceNullWithUndefined(result) } + + +export const issuerLocaleBrandingEntityFrom = (args: IBasicIssuerLocaleBranding): IssuerLocaleBrandingEntity => { + const issuerLocaleBrandingEntity: IssuerLocaleBrandingEntity = new IssuerLocaleBrandingEntity() + issuerLocaleBrandingEntity.alias = isEmptyString(args.alias) ? undefined : args.alias + issuerLocaleBrandingEntity.locale = args.locale ? args.locale : '' + issuerLocaleBrandingEntity.logo = args.logo ? imageAttributesEntityFrom(args.logo) : undefined + issuerLocaleBrandingEntity.description = isEmptyString(args.description) ? undefined : args.description + issuerLocaleBrandingEntity.background = args.background ? backgroundAttributesEntityFrom(args.background) : undefined + issuerLocaleBrandingEntity.text = args.text ? textAttributesEntityFrom(args.text) : undefined + issuerLocaleBrandingEntity.clientUri = isEmptyString(args.clientUri) ? undefined : args.clientUri + issuerLocaleBrandingEntity.tosUri = isEmptyString(args.tosUri) ? undefined : args.tosUri + issuerLocaleBrandingEntity.policyUri = isEmptyString(args.policyUri) ? undefined : args.policyUri + issuerLocaleBrandingEntity.contacts = args.contacts + + return issuerLocaleBrandingEntity +} + +export const backgroundAttributesEntityFrom = (args: IBasicBackgroundAttributes): BackgroundAttributesEntity => { + const backgroundAttributesEntity: BackgroundAttributesEntity = new BackgroundAttributesEntity() + backgroundAttributesEntity.color = isEmptyString(args.color) ? undefined : args.color + backgroundAttributesEntity.image = args.image ? imageAttributesEntityFrom(args.image) : undefined + + return backgroundAttributesEntity +} + +export const credentialBrandingEntityFrom = (args: IBasicCredentialBranding): CredentialBrandingEntity => { + const credentialBrandingEntity: CredentialBrandingEntity = new CredentialBrandingEntity() + credentialBrandingEntity.issuerCorrelationId = args.issuerCorrelationId + credentialBrandingEntity.vcHash = args.vcHash + credentialBrandingEntity.localeBranding = args.localeBranding.map((localeBranding: IBasicCredentialLocaleBranding) => + credentialLocaleBrandingEntityFrom(localeBranding), + ) + + return credentialBrandingEntity +} + +export const credentialLocaleBrandingEntityFrom = (args: IBasicCredentialLocaleBranding): CredentialLocaleBrandingEntity => { + const credentialLocaleBrandingEntity: CredentialLocaleBrandingEntity = new CredentialLocaleBrandingEntity() + credentialLocaleBrandingEntity.alias = isEmptyString(args.alias) ? undefined : args.alias + credentialLocaleBrandingEntity.locale = args.locale ? args.locale : '' + credentialLocaleBrandingEntity.logo = args.logo ? imageAttributesEntityFrom(args.logo) : undefined + credentialLocaleBrandingEntity.description = isEmptyString(args.description) ? undefined : args.description + credentialLocaleBrandingEntity.background = args.background ? backgroundAttributesEntityFrom(args.background) : undefined + credentialLocaleBrandingEntity.text = args.text ? textAttributesEntityFrom(args.text) : undefined + + return credentialLocaleBrandingEntity +} + +export const imageAttributesEntityFrom = (args: IBasicImageAttributes): ImageAttributesEntity => { + const imageAttributesEntity: ImageAttributesEntity = new ImageAttributesEntity() + imageAttributesEntity.uri = isEmptyString(args.uri) ? undefined : args.uri + imageAttributesEntity.dataUri = isEmptyString(args.dataUri) ? undefined : args.dataUri + imageAttributesEntity.mediaType = isEmptyString(args.mediaType) ? undefined : args.mediaType + imageAttributesEntity.alt = isEmptyString(args.alt) ? undefined : args.alt + imageAttributesEntity.dimensions = args.dimensions ? imageDimensionsEntityFrom(args.dimensions) : undefined + + return imageAttributesEntity +} + +export const imageDimensionsEntityFrom = (args: IBasicImageDimensions): ImageDimensionsEntity => { + const imageDimensionsEntity: ImageDimensionsEntity = new ImageDimensionsEntity() + imageDimensionsEntity.width = args.width + imageDimensionsEntity.height = args.height + + return imageDimensionsEntity +} + +export const issuerBrandingEntityFrom = (args: IBasicIssuerBranding): IssuerBrandingEntity => { + const issuerBrandingEntity: IssuerBrandingEntity = new IssuerBrandingEntity() + issuerBrandingEntity.issuerCorrelationId = args.issuerCorrelationId + issuerBrandingEntity.localeBranding = args.localeBranding.map((localeBranding: IBasicIssuerLocaleBranding) => + issuerLocaleBrandingEntityFrom(localeBranding), + ) + + return issuerBrandingEntity +} + +export const textAttributesEntityFrom = (args: IBasicTextAttributes): TextAttributesEntity => { + const textAttributesEntity: TextAttributesEntity = new TextAttributesEntity() + textAttributesEntity.color = isEmptyString(args.color) ? undefined : args.color + + return textAttributesEntity +} diff --git a/packages/issuance-branding/__tests__/shared/issuanceBrandingAgentLogic.ts b/packages/issuance-branding/__tests__/shared/issuanceBrandingAgentLogic.ts index 313785293..9b1276048 100644 --- a/packages/issuance-branding/__tests__/shared/issuanceBrandingAgentLogic.ts +++ b/packages/issuance-branding/__tests__/shared/issuanceBrandingAgentLogic.ts @@ -764,6 +764,10 @@ export default (testContext: { getAgent: () => ConfiguredAgent; setup: () => Pro localeBranding: [ { alias: 'issuerAlias', + clientUri: 'test_uri', + tosUri: 'test_uri', + policyUri: 'test_uri', + contacts: ['test_email_address1', 'test_email_address2'], locale: 'en-US', logo: { uri: 'https://media.licdn.com/dms/image/C560BAQH_Mh53yhI5xw/company-logo_200_200/0/1556030486007?e=2147483647&v=beta&t=GzkCQ7R9LiixkRJVob7_iKRoEgEUH1FE6O6oz6ZgVEc', @@ -786,9 +790,14 @@ export default (testContext: { getAgent: () => ConfiguredAgent; setup: () => Pro const result: IIssuerBranding = await agent.ibAddIssuerBranding(issuerBranding) - expect(result).toBeDefined() + expect(result).toBeDefined() expect(result?.localeBranding.length).toEqual(1) + // TODO check for the actual values like we do in the entity tests, apply this to all other tests as well + expect(result?.localeBranding[0].clientUri).toBeDefined() + expect(result?.localeBranding[0].tosUri).toBeDefined() + expect(result?.localeBranding[0].policyUri).toBeDefined() + expect(result?.localeBranding[0].contacts).toBeDefined() expect(result?.localeBranding[0].logo?.dataUri).toBeDefined() expect(result?.localeBranding[0].logo?.mediaType).toBeDefined() expect(result?.localeBranding[0].logo?.dimensions).toBeDefined() diff --git a/packages/oid4vci-holder/package.json b/packages/oid4vci-holder/package.json index ce4b42815..a65c952ad 100644 --- a/packages/oid4vci-holder/package.json +++ b/packages/oid4vci-holder/package.json @@ -28,6 +28,7 @@ "@sphereon/ssi-sdk.data-store": "workspace:*", "@sphereon/ssi-sdk.issuance-branding": "workspace:*", "@sphereon/ssi-sdk.mdl-mdoc": "workspace:*", + "@sphereon/ssi-sdk.oidf-client": "workspace:*", "@sphereon/ssi-sdk.sd-jwt": "workspace:*", "@sphereon/ssi-sdk.xstate-machine-persistence": "workspace:*", "@sphereon/ssi-types": "workspace:*", diff --git a/packages/oid4vci-holder/src/agent/OID4VCIHolder.ts b/packages/oid4vci-holder/src/agent/OID4VCIHolder.ts index 8705888cf..eb54b961c 100644 --- a/packages/oid4vci-holder/src/agent/OID4VCIHolder.ts +++ b/packages/oid4vci-holder/src/agent/OID4VCIHolder.ts @@ -83,6 +83,7 @@ import { GetCredentialsArgs, GetIssuerMetadataArgs, IOID4VCIHolder, + GetFederationTrustArgs, IssuanceOpts, MappedCredentialToAccept, OID4VCIHolderEvent, @@ -101,7 +102,7 @@ import { StoreCredentialsArgs, VerificationResult, VerifyEBSICredentialIssuerArgs, - VerifyEBSICredentialIssuerResult, + VerifyEBSICredentialIssuerResult } from '../types/IOID4VCIHolder' import { getBasicIssuerLocaleBranding, @@ -254,8 +255,8 @@ export class OID4VCIHolder implements IAgentPlugin { didMethodPreferences, jwtCryptographicSuitePreferences, defaultAuthorizationRequestOptions, - hasher, - } = options ?? {} + hasher + } = { ...options } this.hasher = hasher if (vcFormatPreferences !== undefined && vcFormatPreferences.length > 0) { @@ -319,6 +320,7 @@ export class OID4VCIHolder implements IAgentPlugin { storeCredentialBranding: (args: StoreCredentialBrandingArgs) => this.oid4vciHolderStoreCredentialBranding(args, context), storeCredentials: (args: StoreCredentialsArgs) => this.oid4vciHolderStoreCredentials(args, context), sendNotification: (args: SendNotificationArgs) => this.oid4vciHolderSendNotification(args, context), + getFederationTrust: (args: GetFederationTrustArgs) => this.getFederationTrust(args, context) } const oid4vciMachineInstanceArgs: OID4VCIMachineInstanceOpts = { @@ -987,17 +989,6 @@ export class OID4VCIHolder implements IAgentPlugin { } } - private idFromW3cCredentialSubject(wrappedIssuerVC: WrappedW3CVerifiableCredential): string | undefined { - if (Array.isArray(wrappedIssuerVC.credential?.credentialSubject)) { - if (wrappedIssuerVC.credential?.credentialSubject.length > 0) { - return wrappedIssuerVC.credential?.credentialSubject[0].id - } - } else { - return wrappedIssuerVC.credential?.credentialSubject?.id - } - return undefined - } - private async oid4vciHolderSendNotification(args: SendNotificationArgs, context: RequiredContext): Promise { const { serverMetadata, notificationRequest, openID4VCIClientState } = args const notificationEndpoint = serverMetadata?.credentialIssuerMetadata?.notification_endpoint @@ -1016,6 +1007,41 @@ export class OID4VCIHolder implements IAgentPlugin { logger.log(`Notification to ${notificationEndpoint} has been dispatched`) } + private async getFederationTrust(args: GetFederationTrustArgs, context: RequiredContext): Promise> { + const { requestData, serverMetadata, trustAnchors } = args + + if (trustAnchors.length === 0) { + return Promise.reject(Error('No trust anchors found')) + } + + if (!requestData?.uri) { + return Promise.reject(Error('Missing request URI in context')) + } + + if (!serverMetadata) { + return Promise.reject(Error('Missing serverMetadata in context')) + } + + const url = new URL(requestData?.uri) + const params = new URLSearchParams(url.search) + const openidFederation = params.get('openid_federation') + const entityIdentifier = openidFederation ?? serverMetadata.issuer + + const trustedAnchors = [] + for (const trustAnchor of trustAnchors) { + const resolveResult = await context.agent.resolveTrustChain({ + entityIdentifier, + trustAnchors: [trustAnchor] + }) + + if (Array.isArray(resolveResult) && resolveResult.length > 0) { + trustedAnchors.push(trustAnchor) + } + } + + return trustedAnchors + } + private async oid4vciHolderGetIssuerMetadata(args: GetIssuerMetadataArgs, context: RequiredContext): Promise { const { issuer, errorOnNotFound = true } = args return MetadataClient.retrieveAllMetadata(issuer, { errorOnNotFound }) @@ -1047,4 +1073,15 @@ export class OID4VCIHolder implements IAgentPlugin { } return [CredentialCorrelationType.URL, issuer] } + + private idFromW3cCredentialSubject(wrappedIssuerVC: WrappedW3CVerifiableCredential): string | undefined { + if (Array.isArray(wrappedIssuerVC.credential?.credentialSubject)) { + if (wrappedIssuerVC.credential?.credentialSubject.length > 0) { + return wrappedIssuerVC.credential?.credentialSubject[0].id + } + } else { + return wrappedIssuerVC.credential?.credentialSubject?.id + } + return undefined + } } diff --git a/packages/oid4vci-holder/src/agent/OID4VCIHolderService.ts b/packages/oid4vci-holder/src/agent/OID4VCIHolderService.ts index c4caafdb2..78979b1f4 100644 --- a/packages/oid4vci-holder/src/agent/OID4VCIHolderService.ts +++ b/packages/oid4vci-holder/src/agent/OID4VCIHolderService.ts @@ -22,7 +22,6 @@ import { } from '@sphereon/ssi-sdk-ext.identifier-resolution' import { keyTypeFromCryptographicSuite } from '@sphereon/ssi-sdk-ext.key-utils' import { IBasicCredentialLocaleBranding, IBasicIssuerLocaleBranding } from '@sphereon/ssi-sdk.data-store' - import { CredentialMapper, IVerifiableCredential, diff --git a/packages/oid4vci-holder/src/link-handler/index.ts b/packages/oid4vci-holder/src/link-handler/index.ts index 8f00a7b7c..d08c86d30 100644 --- a/packages/oid4vci-holder/src/link-handler/index.ts +++ b/packages/oid4vci-holder/src/link-handler/index.ts @@ -16,9 +16,10 @@ export class OID4VCIHolderLinkHandler extends LinkHandlerAdapter { private readonly noStateMachinePersistence: boolean private readonly authorizationRequestOpts?: AuthorizationRequestOpts private readonly clientOpts?: AuthorizationServerClientOpts + private readonly trustAnchors?: Array constructor( - args: Pick & { + args: Pick & { priority?: number | DefaultLinkPriorities protocols?: Array noStateMachinePersistence?: boolean @@ -31,6 +32,7 @@ export class OID4VCIHolderLinkHandler extends LinkHandlerAdapter { this.context = args.context this.noStateMachinePersistence = args.noStateMachinePersistence === true this.stateNavigationListener = args.stateNavigationListener + this.trustAnchors = args.trustAnchors } async handle( @@ -57,6 +59,7 @@ export class OID4VCIHolderLinkHandler extends LinkHandlerAdapter { flowType: opts?.flowType, uri, }, + trustAnchors: this.trustAnchors, authorizationRequestOpts: { ...this.authorizationRequestOpts, ...opts?.authorizationRequestOpts }, ...((clientOpts.clientId || clientOpts.clientAssertionType) && { clientOpts: clientOpts as AuthorizationServerClientOpts }), stateNavigationListener: this.stateNavigationListener, diff --git a/packages/oid4vci-holder/src/localization/translations/en.json b/packages/oid4vci-holder/src/localization/translations/en.json index 49b513857..a5e6c4b95 100644 --- a/packages/oid4vci-holder/src/localization/translations/en.json +++ b/packages/oid4vci-holder/src/localization/translations/en.json @@ -8,5 +8,6 @@ "oid4vci_machine_credential_selection_error_title": "Credential selection", "oid4vci_machine_initiation_error_title": "Initiate OID4VCI provider", "oid4vci_machine_credential_verification_failed_message": "The credential verification resulted in an error.", - "oid4vci_machine_credential_verification_schema_failed_message": "The credential schema verification resulted in an error." + "oid4vci_machine_credential_verification_schema_failed_message": "The credential schema verification resulted in an error.", + "oid4vci_machine_retrieve_federation_trust_error_title": "Retrieve federation trust" } diff --git a/packages/oid4vci-holder/src/localization/translations/nl.json b/packages/oid4vci-holder/src/localization/translations/nl.json index 6aa01575a..ee867dba1 100644 --- a/packages/oid4vci-holder/src/localization/translations/nl.json +++ b/packages/oid4vci-holder/src/localization/translations/nl.json @@ -7,5 +7,6 @@ "oid4vci_machine_retrieve_contact_error_title": "Ophalen contact", "oid4vci_machine_credential_selection_error_title": "Credential selectie", "oid4vci_machine_initiation_error_title": "Initiëren OID4VCI provider", - "oid4vci_machine_credential_verification_failed_message": "Verificatie van de credential leidde tot een fout." + "oid4vci_machine_credential_verification_failed_message": "Verificatie van de credential leidde tot een fout.", + "oid4vci_machine_retrieve_federation_trust_error_title": "Ophalen federatievertrouwen" } diff --git a/packages/oid4vci-holder/src/machine/oid4vciMachine.ts b/packages/oid4vci-holder/src/machine/oid4vciMachine.ts index 696f78a89..a215fb457 100644 --- a/packages/oid4vci-holder/src/machine/oid4vciMachine.ts +++ b/packages/oid4vci-holder/src/machine/oid4vciMachine.ts @@ -74,11 +74,17 @@ const oid4vciHasSelectedCredentialsGuard = (_ctx: OID4VCIMachineContext, _event: return selectedCredentials !== undefined && selectedCredentials.length > 0 } -// FIXME refactor this guard +const oid4vciIsOIDFOriginGuard = (_ctx: OID4VCIMachineContext, _event: OID4VCIMachineEventTypes): boolean => { + // TODO in the future we need to establish if a origin is a IDF origin. So we need to check if this metadata is on the well-known location + const { trustAnchors } = _ctx + return trustAnchors.length > 0 +} const oid4vciNoAuthorizationGuard = (ctx: OID4VCIMachineContext, _event: OID4VCIMachineEventTypes): boolean => { return !oid4vciHasAuthorizationResponse(ctx, _event) } + +// FIXME refactor this guard const oid4vciRequireAuthorizationGuard = (ctx: OID4VCIMachineContext, _event: OID4VCIMachineEventTypes): boolean => { const { openID4VCIClientState } = ctx @@ -111,6 +117,7 @@ const createOID4VCIMachine = (opts?: CreateOID4VCIMachineOpts): OID4VCIStateMach // TODO WAL-671 we need to store the data from OpenIdProvider here in the context and make sure we can restart the machine with it and init the OpenIdProvider accessTokenOpts: opts?.accessTokenOpts, requestData: opts?.requestData, + trustAnchors: opts?.trustAnchors ?? [], issuanceOpt: opts?.issuanceOpt, didMethodPreferences: opts?.didMethodPreferences, locale: opts?.locale, @@ -139,7 +146,8 @@ const createOID4VCIMachine = (opts?: CreateOID4VCIMachineOpts): OID4VCIStateMach | { type: OID4VCIMachineGuards.hasContactGuard } | { type: OID4VCIMachineGuards.createContactGuard } | { type: OID4VCIMachineGuards.hasSelectedCredentialsGuard } - | { type: OID4VCIMachineGuards.hasAuthorizationResponse }, + | { type: OID4VCIMachineGuards.hasAuthorizationResponse } + | { type: OID4VCIMachineGuards.oid4vciIsOIDFOriginGuard }, services: {} as { [OID4VCIMachineServices.start]: { data: StartResult @@ -168,6 +176,9 @@ const createOID4VCIMachine = (opts?: CreateOID4VCIMachineOpts): OID4VCIStateMach [OID4VCIMachineServices.storeCredentials]: { data: void } + [OID4VCIMachineServices.getFederationTrust]: { + data: Array + } }, }, context: initialContext, @@ -245,6 +256,10 @@ const createOID4VCIMachine = (opts?: CreateOID4VCIMachineOpts): OID4VCIStateMach [OID4VCIMachineStates.transitionFromSetup]: { id: OID4VCIMachineStates.transitionFromSetup, always: [ + { + target: OID4VCIMachineStates.getFederationTrust, + cond: OID4VCIMachineGuards.oid4vciIsOIDFOriginGuard + }, { target: OID4VCIMachineStates.addContact, cond: OID4VCIMachineGuards.hasNoContactGuard, @@ -271,6 +286,28 @@ const createOID4VCIMachine = (opts?: CreateOID4VCIMachineOpts): OID4VCIStateMach }, }, }, + [OID4VCIMachineStates.getFederationTrust]: { + id: OID4VCIMachineStates.getFederationTrust, + invoke: { + src: OID4VCIMachineServices.getFederationTrust, + onDone: { + target: OID4VCIMachineStates.addContact, + actions: assign({ + trustedAnchors: (_ctx: OID4VCIMachineContext, _event: DoneInvokeEvent>) => _event.data + }) + }, + onError: { + target: OID4VCIMachineStates.handleError, + actions: assign({ + error: (_ctx: OID4VCIMachineContext, _event: DoneInvokeEvent): ErrorDetails => ({ + title: translate('oid4vci_machine_retrieve_federation_trust_error_title'), + message: _event.data.message, + stack: _event.data.stack, + }), + }), + }, + }, + }, [OID4VCIMachineStates.addContact]: { id: OID4VCIMachineStates.addContact, initial: OID4VCIMachineAddContactStates.idle, @@ -523,7 +560,6 @@ const createOID4VCIMachine = (opts?: CreateOID4VCIMachineOpts): OID4VCIStateMach }, }, }, - [OID4VCIMachineStates.storeCredentialBranding]: { id: OID4VCIMachineStates.storeCredentialBranding, invoke: { @@ -612,6 +648,7 @@ export class OID4VCIMachine { oid4vciRequireAuthorizationGuard, oid4vciNoAuthorizationGuard, oid4vciHasAuthorizationResponse, + oid4vciIsOIDFOriginGuard, ...opts?.guards, }, }), diff --git a/packages/oid4vci-holder/src/types/IOID4VCIHolder.ts b/packages/oid4vci-holder/src/types/IOID4VCIHolder.ts index bb33359bd..d88a081cf 100644 --- a/packages/oid4vci-holder/src/types/IOID4VCIHolder.ts +++ b/packages/oid4vci-holder/src/types/IOID4VCIHolder.ts @@ -50,11 +50,12 @@ import { } from '@veramo/core' import { BaseActionObject, Interpreter, ResolveTypegenMeta, ServiceMap, State, StateMachine, TypegenDisabled } from 'xstate' import { ICredentialValidation, SchemaValidation } from '@sphereon/ssi-sdk.credential-validation' +import { IOIDFClient } from '@sphereon/ssi-sdk.oidf-client' export interface IOID4VCIHolder extends IPluginMethodMap { oid4vciHolderGetIssuerMetadata(args: GetIssuerMetadataArgs, context: RequiredContext): Promise - oid4vciHolderGetMachineInterpreter(args: GetMachineArgs, context: RequiredContext): Promise + oid4vciHolderGetMachineInterpreter(args: GetMachineArgs, context: RequiredContext): Promise // FIXME is using GetMachineArgs as args but the function uses OID4VCIMachineInstanceOpts oid4vciHolderStart(args: PrepareStartArgs, context: RequiredContext): Promise @@ -112,6 +113,7 @@ export type OnIdentifierCreatedArgs = { export type GetMachineArgs = { requestData: RequestData + trustAnchors?: Array authorizationRequestOpts?: AuthorizationRequestOpts clientOpts?: AuthorizationServerClientOpts didMethodPreferences?: Array @@ -147,6 +149,7 @@ export type SendNotificationArgs = Pick< OID4VCIMachineContext, 'credentialsToAccept' | 'serverMetadata' | 'credentialsSupported' | 'openID4VCIClientState' > & { notificationRequest?: NotificationRequest; stored: boolean } +export type GetFederationTrustArgs = Pick export enum OID4VCIHolderEvent { CONTACT_IDENTITY_CREATED = 'contact_identity_created', @@ -190,6 +193,7 @@ export type OID4VCIMachineContext = { accessTokenOpts?: AccessTokenOpts didMethodPreferences?: Array issuanceOpt?: IssuanceOpts + trustAnchors: Array requestData?: RequestData // TODO WAL-673 fix type as this is not always a qr code (deeplink) locale?: string authorizationCodeURL?: string @@ -204,6 +208,7 @@ export type OID4VCIMachineContext = { credentialsToAccept: Array verificationCode?: string // TODO WAL-672 refactor to not store verificationCode in the context hasContactConsent: boolean + trustedAnchors?: Array error?: ErrorDetails } @@ -212,6 +217,7 @@ export enum OID4VCIMachineStates { createCredentialsToSelectFrom = 'createCredentialsToSelectFrom', getContact = 'getContact', transitionFromSetup = 'transitionFromSetup', + getFederationTrust = 'getFederationTrust', addContact = 'addContact', addIssuerBranding = 'addIssuerBranding', addIssuerBrandingAfterIdentity = 'addIssuerBrandingAfterIdentity', @@ -278,6 +284,7 @@ export type CreateOID4VCIMachineOpts = { requestData: RequestData machineName?: string locale?: string + trustAnchors?: Array stateDefinition?: OID4VCIMachineState didMethodPreferences?: Array accessTokenOpts?: AccessTokenOpts @@ -338,11 +345,13 @@ export enum OID4VCIMachineGuards { verificationCodeGuard = 'oid4vciVerificationCodeGuard', createContactGuard = 'oid4vciCreateContactGuard', hasSelectedCredentialsGuard = 'oid4vciHasSelectedCredentialsGuard', + oid4vciIsOIDFOriginGuard = 'oid4vciIsOIDFOriginGuard', } export enum OID4VCIMachineServices { start = 'start', getContact = 'getContact', + getFederationTrust = 'getFederationTrust', addContactIdentity = 'addContactIdentity', createCredentialsToSelectFrom = 'createCredentialsToSelectFrom', addIssuerBranding = 'addIssuerBranding', @@ -600,18 +609,19 @@ export interface VerifyCredentialArgs { export type RequiredContext = IAgentContext< IIssuanceBranding & - IContactManager & - ICredentialValidation & - ICredentialVerifier & - ICredentialIssuer & - ICredentialStore & - IIdentifierResolution & - IJwtService & - IDIDManager & - IResolver & - IKeyManager & - ISDJwtPlugin & - ImDLMdoc + IContactManager & + ICredentialValidation & + ICredentialVerifier & + ICredentialIssuer & + ICredentialStore & + IIdentifierResolution & + IJwtService & + IDIDManager & + IResolver & + IKeyManager & + ISDJwtPlugin & + ImDLMdoc & + IOIDFClient > export type IssuerType = 'RootTAO' | 'TAO' | 'TI' | 'Revoked or Undefined' diff --git a/packages/oid4vci-holder/tsconfig.json b/packages/oid4vci-holder/tsconfig.json index ee9dfcd8b..a3efa7e7d 100644 --- a/packages/oid4vci-holder/tsconfig.json +++ b/packages/oid4vci-holder/tsconfig.json @@ -37,6 +37,9 @@ }, { "path": "../xstate-persistence" + }, + { + "path": "../oidf-client" } ] } diff --git a/packages/oid4vci-issuer/src/functions.ts b/packages/oid4vci-issuer/src/functions.ts index dc21ff3fa..cd799e3c6 100644 --- a/packages/oid4vci-issuer/src/functions.ts +++ b/packages/oid4vci-issuer/src/functions.ts @@ -177,6 +177,7 @@ export async function getCredentialSignerCallback( removeOriginalFields: false, fetchRemoteContexts: true, domain: typeof credential.issuer === 'object' ? credential.issuer.id : credential.issuer, + ...(jwtVerifyResult.kid && { header: { kid: jwtVerifyResult.kid } }), }) return (proofFormat === 'jwt' && 'jwt' in result.proof ? result.proof.jwt : result) as W3CVerifiableCredential } else if (CredentialMapper.isSdJwtDecodedCredentialPayload(credential)) { diff --git a/packages/oidf-client/CHANGELOG.md b/packages/oidf-client/CHANGELOG.md new file mode 100644 index 000000000..4d65719f8 --- /dev/null +++ b/packages/oidf-client/CHANGELOG.md @@ -0,0 +1,14 @@ +# Change Log + +All notable changes to this project will be documented in this file. +See [Conventional Commits](https://conventionalcommits.org) for commit guidelines. + +## [0.30.1](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.30.0...v0.30.1) (2024-10-01) + +**Note:** Version bump only for package @sphereon/ssi-sdk.credential-store + +# [0.29.0](https://github.com/Sphereon-Opensource/SSI-SDK/compare/v0.28.0...v0.29.0) (2024-08-01) + +**Note:** Version bump only for package @sphereon/ssi-sdk.credential-store + +# Change Log diff --git a/packages/oidf-client/LICENSE b/packages/oidf-client/LICENSE new file mode 100644 index 000000000..aedeb278e --- /dev/null +++ b/packages/oidf-client/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [2024] [Sphereon International B.V.] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/oidf-client/__tests__/localAgent.test.ts b/packages/oidf-client/__tests__/localAgent.test.ts new file mode 100644 index 000000000..00a59795f --- /dev/null +++ b/packages/oidf-client/__tests__/localAgent.test.ts @@ -0,0 +1,29 @@ +import oidfClientAgentLogic from './shared/oidfClientAgentLogic' +import { getConfig, createObjects } from '@sphereon/ssi-sdk.agent-config' + +jest.setTimeout(60000) + +let agent: any + +const setup = async (): Promise => { + const config = await getConfig('packages/oidf-client/agent.yml') + const { localAgent } = await createObjects(config, { localAgent: '/agent' }) + agent = localAgent + + return true +} + +const tearDown = async (): Promise => { + return true +} + +const getAgent = () => agent +const testContext = { + getAgent, + setup, + tearDown, +} + +describe('Local integration tests', (): void => { + oidfClientAgentLogic(testContext) +}) diff --git a/packages/oidf-client/__tests__/restAgent.test.ts b/packages/oidf-client/__tests__/restAgent.test.ts new file mode 100644 index 000000000..ff222d49a --- /dev/null +++ b/packages/oidf-client/__tests__/restAgent.test.ts @@ -0,0 +1,68 @@ +import 'cross-fetch/polyfill' +// @ts-ignore +import express, { Router } from 'express' +import { Server } from 'http' +import { createAgent, IAgent, IAgentOptions } from '@veramo/core' +import { AgentRestClient } from '@veramo/remote-client' +import { AgentRouter, RequestWithAgentRouter } from '@veramo/remote-server' +import oidfClientAgentLogic from './shared/oidfClientAgentLogic' +import { getConfig, createObjects } from '@sphereon/ssi-sdk.agent-config' +import { IOIDFClient } from '../src' +import { IJwtService } from '@sphereon/ssi-sdk-ext.jwt-service' + +jest.setTimeout(60000) + +const port = 4102 +const basePath = '/agent' + +let serverAgent: IAgent +let restServer: Server + +const getAgent = (options?: IAgentOptions) => + createAgent({ + ...options, + plugins: [ + new AgentRestClient({ + url: 'http://localhost:' + port + basePath, + enabledMethods: serverAgent.availableMethods(), + schema: serverAgent.getSchema(), + }), + ], + }) + +const setup = async (): Promise => { + const config = await getConfig('packages/oidf-client/agent.yml') + const { agent } = await createObjects(config, { agent: '/agent' }) + serverAgent = agent + + const agentRouter = AgentRouter({ + exposedMethods: serverAgent.availableMethods(), + }) + + const requestWithAgent: Router = RequestWithAgentRouter({ + agent: serverAgent, + }) + + return new Promise((resolve): void => { + const app = express() + app.use(basePath, requestWithAgent, agentRouter) + restServer = app.listen(port, (): void => { + resolve(true) + }) + }) +} + +const tearDown = async (): Promise => { + restServer.close() + return true +} + +const testContext = { + getAgent, + setup, + tearDown, +} + +describe.skip('REST integration tests', (): void => { + oidfClientAgentLogic(testContext) +}) diff --git a/packages/oidf-client/__tests__/shared/CryptoDefaultCallback.ts b/packages/oidf-client/__tests__/shared/CryptoDefaultCallback.ts new file mode 100644 index 000000000..ea31e92e5 --- /dev/null +++ b/packages/oidf-client/__tests__/shared/CryptoDefaultCallback.ts @@ -0,0 +1,20 @@ +import {importJWK, JWK, jwtVerify, JWTVerifyOptions} from "jose"; +import {com} from "@sphereon/openid-federation-client"; +import ICryptoCallbackServiceJS = com.sphereon.oid.fed.client.crypto.ICryptoCallbackServiceJS; + +export const defaultCryptoJSImpl: ICryptoCallbackServiceJS = { + verify: async (jwt: string, key: any): Promise => { + const jwk:JWK = { ...key } + const publicKey = await importJWK(jwk) + + const now = new Date() + const past = now.setDate(now.getDate() - 60) + + const options: JWTVerifyOptions = { + currentDate: new Date(past) + } + + const result = await jwtVerify(jwt, publicKey, options) + return result !== undefined + } +} diff --git a/packages/oidf-client/__tests__/shared/TrustChainMockResponses.ts b/packages/oidf-client/__tests__/shared/TrustChainMockResponses.ts new file mode 100644 index 000000000..b33abad61 --- /dev/null +++ b/packages/oidf-client/__tests__/shared/TrustChainMockResponses.ts @@ -0,0 +1,26 @@ +export const mockResponses = [ + [ + "https://oidc.registry.servizicie.interno.gov.it/.well-known/openid-federation", + "eyJraWQiOiJkZWZhdWx0UlNBU2lnbiIsInR5cCI6ImVudGl0eS1zdGF0ZW1lbnQrand0IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCIsIm1ldGFkYXRhIjp7ImZlZGVyYXRpb25fZW50aXR5Ijp7ImZlZGVyYXRpb25fZmV0Y2hfZW5kcG9pbnQiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9mZXRjaCIsImZlZGVyYXRpb25fcmVzb2x2ZV9lbmRwb2ludCI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0L3Jlc29sdmUiLCJmZWRlcmF0aW9uX3RydXN0X21hcmtfc3RhdHVzX2VuZHBvaW50IjoiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvdHJ1c3RfbWFya19zdGF0dXMiLCJmZWRlcmF0aW9uX2xpc3RfZW5kcG9pbnQiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9saXN0In19LCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoic2lnIiwia2lkIjoiZGVmYXVsdFJTQVNpZ24iLCJuIjoicVJUSkhRZ2IyZjhjbG45ZEpiLVdnaWs0cUVMNUdHX19zUHpsQVU0aTY5UzZ5SHhlTWczMllnTGZVenBOQnhfOGtYMm5kellYTV9SS21vM2poalF4dXhDSzFJSFNRY01rZzFoR2lpLXhSdzh4NDV0OFNHbFdjU0hpN182UmFBWTFTeUZjRUVsTkFxSGk1b2VCYUIzRkd2ZnJWLUVQLWNOa1V2R0VWYnlzX0NieHlHRFE5UU0wTkVyc2lsVmxNQVJERXJFTlpjclkwck5LdDUyV29aZ3kzcHNWY2Q4VTVEMExxZkM3N2JQakczNVBhVmh3WUFubFAwZXowSGY2dHV5V0pIZUE1MmRDZGUtbmEzV2ptUGFya2NscEZyLUtqWGVJQzhCd2ZqRXBBWGJLY3A4Tm11UUZqOWZEOUtuUjZ2Q2RPOTFSeUJJYkRsdUw1TEg4czBxRENRIn0seyJrdHkiOiJFQyIsInVzZSI6InNpZyIsImNydiI6IlAtMjU2Iiwia2lkIjoiZGVmYXVsdEVDU2lnbiIsIngiOiJ4TWtXSWExRVp5amdtazNKUUx0SERBOXAwVHBQOXdNU2JKSzBvQWl0Z2NrIiwieSI6IkNWTEZzdE93S3d0UXJ1dF92b0hqWU82SnoxSzBOWFJ1OE9MQ1RtS29zTGcifSx7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoiZW5jIiwia2lkIjoiZGVmYXVsdFJTQUVuYyIsIm4iOiJ3ZXcyMnhjcGZBU2tRUXA3U09vX0dzNmNLajJYeTd4VlpLX3RnWnh6QXlReExTeG01c1U0WkdzNm1kSUFIZEV2UTkxU25FSFR0anBlQVM5d0N2TlhWbVZ4TklqRkFQSnpDWXBzZkZ4R3pXMVBSM1NDQmVLUFl6VWpTeUJTZWw1LW1Td1U4MHlZQXFPbFoxUVJaTlFJNUVTVXZOUG9lUEZqR0NvZnhuRlJzbXF5X21Bd1p5bmQyTnJyc1QyQXlwMEw2UFF3ei1Fa09oakVCcHpzeXEwcE11am5aRWZ2UHk5UC1YdjJTVUZMZUpQcm1jRHllNjRaMlk5V1BoMmpwa25oT3hESzhSTUwtMllUdmI0dVNPalowWFpPVzltVm9nTkpSSm0yemVQVGVlTFBxR2x1TGNEenBsYnkwbkxiTGpkWDdLM29MYnFoRGFld2o3VnJhS2Vtc1EifV19LCJ0cnVzdF9tYXJrX2lzc3VlcnMiOnsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb2F1dGhfcmVzb3VyY2UvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcHJvdmlkZXIvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vYXV0aF9yZXNvdXJjZS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiLCJodHRwczovL2NvaGVzaW9uMi5yZWdpb25lLm1hcmNoZS5pdC9vaWRjL3NhLyIsImh0dHBzOi8vYXV0aC50b3NjYW5hLml0L2F1dGgvcmVhbG1zL2VudGkvZmVkZXJhdGlvbi1lbnRpdHkvcl90b3NjYW5fc2FfZW50aSIsImh0dHBzOi8vYXV0ZW50aWNhemlvbmUuY2xvdWQucHJvdmluY2lhLnRuLml0L2FnZ3JlZ2F0b3JlIiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3ByaXZhdGUiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb3BlbmlkX3Byb3ZpZGVyL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wcml2YXRlIjpbImh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXX0sImlzcyI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiZXhwIjoxNzI4NDI4MDI1LCJpYXQiOjE3MjgzNDE2MjUsImNvbnN0cmFpbnRzIjp7Im1heF9wYXRoX2xlbmd0aCI6MX0sInRydXN0X21hcmtzX2lzc3VlcnMiOnsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb2F1dGhfcmVzb3VyY2UvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcHJvdmlkZXIvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vYXV0aF9yZXNvdXJjZS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiLCJodHRwczovL2NvaGVzaW9uMi5yZWdpb25lLm1hcmNoZS5pdC9vaWRjL3NhLyIsImh0dHBzOi8vYXV0aC50b3NjYW5hLml0L2F1dGgvcmVhbG1zL2VudGkvZmVkZXJhdGlvbi1lbnRpdHkvcl90b3NjYW5fc2FfZW50aSIsImh0dHBzOi8vYXV0ZW50aWNhemlvbmUuY2xvdWQucHJvdmluY2lhLnRuLml0L2FnZ3JlZ2F0b3JlIiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3ByaXZhdGUiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb3BlbmlkX3Byb3ZpZGVyL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wcml2YXRlIjpbImh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXX19.QVndoAzYG4-r-f1mq2szTurjN4IWG5GN6aUBeIm6k5EXOdjEa2oOmP8iANBjCFWF6eNPNN2t342pBpb6-46o9kJv9MxyWASIaBkOv_X8RJGEgv2ghDLLnfOLv4R6J9XH9IIsQPzjlezgWJYk61ukfYN7kWA_aIT5Hf42zEU14V5kLbl50r8wjgJVRwmSBsDLKsWbOnbzfkiKv4druFhfhDZjiyBeCjYajh9MFYdAR1awYihNM-JVib89Z7XgOqxq4qGogPt_XU-YMuf917lw4kpphPRoUe1QIoj1KXfgbpJUdgiLMlXQoBl57Ej3b1mVWgEkC6oKjNyNvZR57Kx8AQ" + ], + [ + "https://spid.wbss.it/Spid/oidc/sa/.well-known/openid-federation", + "eyJraWQiOiJNWGFvTUtvcWIyME1QME1WYkRUZGxIYmlFME9JakNyYmhHTnkxWVlzeXJNIiwidHlwIjoiZW50aXR5LXN0YXRlbWVudCtqd3QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiLCJtZXRhZGF0YSI6eyJmZWRlcmF0aW9uX2VudGl0eSI6eyJob21lcGFnZV91cmkiOiJodHRwczovL3d3dy53YnNzLml0IiwibG9nb191cmkiOiJodHRwczovL3d3dy53YnNzLml0L2xvZ28iLCJvcmdhbml6YXRpb25fbmFtZSI6IlcuQi5TLlMuIFdlYiBCYXNlZCBTb2Z0d2FyZSBTb2x1dGlvbiBkaSBCYXR0aXN0aSBBbGVzc2FuZHJvIiwiZmVkZXJhdGlvbl9mZXRjaF9lbmRwb2ludCI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYS9mZXRjaCIsImNvbnRhY3RzIjpbIndic3NAcGVjLml0Il0sImZlZGVyYXRpb25fdHJ1c3RfbWFya19zdGF0dXNfZW5kcG9pbnQiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EvdHJ1c3RfbWFya19zdGF0dXMiLCJmZWRlcmF0aW9uX3Jlc29sdmVfZW5kcG9pbnQiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EvcmVzb2x2ZSIsInBvbGljeV91cmkiOiJodHRwczovL3d3dy53YnNzLml0L3BvbGljeSIsImZlZGVyYXRpb25fbGlzdF9lbmRwb2ludCI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYS9saXN0In19LCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwiYWxnIjoiUlMyNTYiLCJ1c2UiOiJzaWciLCJuIjoiMEJUUDRBQ2ctS1Q2ZU5kQWhyMS1wYTc2bHVqWFYzV2lYbDB3NE5fbXlqNHEwemdhWk9EMWM1STcyNC1nMF9OSGkyMnFCajFJdS1NR0pRVmtsZkQtZXNLMUZaMnJuZFJpYWI1VGRNcDRjMXl5LXRraVFNN2FmSnd6VzcwRGlvVjFpU21mT1E0SEgwOUEtZGFsSVpfSUE4UHFlcThUeWJkcGdRc3ROQXAzRk4wY01vSEgtV2FnRlFHaVYyQTJIM3NVaHZRVjJPX0VDRVpYQ29MTEc2RXNVUnNoS3B5T3dYOTA3Tk1LN1E5UjlVT0J6V2FCSnFQay1jbW1tOWlaVGdUODZBX0JjUzB1Wll5N0VPWUIzRWtiQ01DaUdsMEZjb0FtRi1PeG9zZFRidFlvYVZrVzdQeWdDVm1kbXp0YzBfQ1ZzV2FtTG9WUFNzY3FGaC1FWEhNeHR3Iiwia2lkIjoiTVhhb01Lb3FiMjBNUDBNVmJEVGRsSGJpRTBPSWpDcmJoR055MVlZc3lyTSJ9XX0sImlzcyI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImF1dGhvcml0eV9oaW50cyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJleHAiOjE3MjgzNDU4MTksImlhdCI6MTcyODM0NDAxOSwidHJ1c3RfbWFya3MiOlt7InRydXN0X21hcmsiOiJleUpyYVdRaU9pSmtaV1poZFd4MFVsTkJVMmxuYmlJc0luUjVjQ0k2SW5SeWRYTjBMVzFoY21zcmFuZDBJaXdpWVd4bklqb2lVbE15TlRZaWZRLmV5SnpkV0lpT2lKb2RIUndjem92TDNOd2FXUXVkMkp6Y3k1cGRDOVRjR2xrTDI5cFpHTXZjMkVpTENKellWOXdjbTltYVd4bElqb2lXMXdpWm5Wc2JGd2lYU0lzSW1semN5STZJbWgwZEhCek9pOHZiMmxrWXk1eVpXZHBjM1J5ZVM1elpYSjJhWHBwWTJsbExtbHVkR1Z5Ym04dVoyOTJMbWwwSWl3aWIzSm5ZVzVwZW1GMGFXOXVYM1I1Y0dVaU9pSndjbWwyWVhSbElpd2lhV1FpT2lKb2RIUndjem92TDI5cFpHTXVjbVZuYVhOMGNua3VjMlZ5ZG1sNmFXTnBaUzVwYm5SbGNtNXZMbWR2ZGk1cGRDOXBiblJsY20xbFpHbGhkR1V2Y0hKcGRtRjBaU0lzSW1WNGNDSTZNVGMxT0RNMk56SXdNU3dpYVdGMElqb3hOekkyT0RNeE1qQXhmUS5DUV92X0J2VW1saFF2R29UNjYwNWhKSHI2YnNvRWEzLWJSaXI2X1AxTXMtRXhjOFFSZV9HdVc5ZmMxRG9URkkxa3pwaGY5QVBMWGxfdzFZc1N2SFRlejZ3bWNYTXFxME9DX1U2T1VFS2Q5ZXlEeHNVekpiVEhmeVBLVE5MVkJiYkluaWc0UXYwN2FBNEJ5OWZTbUw0X1p1dWZ0S1BYZFJmVVJiTWVMZHBIbFotR1NSY1JMUXdjM0tfdG44X1M0dGNITjRhQ1lsSFllOXFscjIyWTR2ZnR6bGVmNmZhSnpYU19YMEc0LWZoMXNwbXhNVUdZNVBkdkJYbEtKSWRrTHU2V01PTVRhdXJQS09VU2pBSWd6TG1Mc1kxdDQ4T2JXMWR5VC1DX0tfQnpWWE5HU25abHJOV1hSZklsbG9wZk1GbUcycG9haXY4MmZFQldxbHhWUkp1SnciLCJpc3MiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCIsImlkIjoiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3ByaXZhdGUifV19.WntR_8uHdSsf7DV0Q8NQLTpO44qGWGNp7OoM4d4YfF1bjKXBTVTuWXD_4kAxIL7RAPlqFRDX7ULs47Q9eDISvmXx_pyY2izydKEsUnCKNZBCi0OvYZcFikFPT-LWw2jXjWD60x3WVoM0Bvjsh1k9xs6YVN5auIdmmmAfiRjEmfNRdH_aWhXXJieNQ67pfmn7lqGz2ZOS_B7weQbfZEYWBUMAq0WDpDmatWJhrBb4alGpvvRmntEI7Y_JWlnHdtmh7JMJFwWA6V76zxG-pKI6aivS4FA9QGIcJvUqjVOPXCQW-DUirRGPHBO2Hz_lBUpWqAdW25WOn11P36nDOTqNkA" + ], + [ + "https://spid.wbss.it/Spid/oidc/rp/ipasv_lt/.well-known/openid-federation", + "eyJraWQiOiJFOTVjTkxUU3RJUHZzbU1kYTZuR0hwdjVKVDg1Q3R6WmxQbGlqejY5Y1JrIiwidHlwIjoiZW50aXR5LXN0YXRlbWVudCtqd3QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvcnAvaXBhc3ZfbHQiLCJtZXRhZGF0YSI6eyJmZWRlcmF0aW9uX2VudGl0eSI6eyJob21lcGFnZV91cmkiOiJodHRwczovL3d3dy5vcGlsYXRpbmEuaXQiLCJsb2dvX3VyaSI6Imh0dHBzOi8vd3d3Lm9waWxhdGluYS5pdCIsIm9yZ2FuaXphdGlvbl9uYW1lIjoiT3JkaW5lIGRlbGxlIFByb2Zlc3Npb25pIEluZmVybWllcmlzdGljaGUgZGkgTGF0aW5hIiwiY29udGFjdHMiOlsibGF0aW5hQGNlcnQub3JkaW5lLW9waS5pdCJdLCJmZWRlcmF0aW9uX3Jlc29sdmVfZW5kcG9pbnQiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvcnAvaXBhc3ZfbHQvcmVzb2x2ZSIsInBvbGljeV91cmkiOiJodHRwczovL3d3dy5vcGlsYXRpbmEuaXQvbHQvYW1taW5pc3RyYXppb25lLXRyYXNwYXJlbnRlLzExOS1hbHRyaS1jb250ZW51dGkvNzQ5LXByaXZhY3ktcG9saWN5LXNpdG8ifSwib3BlbmlkX3JlbHlpbmdfcGFydHkiOnsiY2xpZW50X3JlZ2lzdHJhdGlvbl90eXBlcyI6WyJhdXRvbWF0aWMiXSwiandrcyI6eyJrZXlzIjpbeyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsInVzZSI6InNpZyIsImtpZCI6IlNHSE9QU0lUUzF3ejFHZjE5WGoxRGw4NlB2akhmcUlHeXJmTnFUdlFlNHMiLCJhbGciOiJSUzI1NiIsIm4iOiJnNjk3Wk1WTVlGTTItQlIzeUZ1VklGUUZFWXV0aGgwcWlfeWlDZS1XQUNuSjhsM3ZqLXl6eDlYZjQteFR3NzRfaFQtaTkwQVljT19ZWmdUenZmbVJnS2ZOMFBMOHdsYkFHLVdYZWVFaDk5WDVpSFpfWldmc3RNX0VqRXJPVGJkWTFieGZVWEg0Y0ZhMHJBX0U5RUtsYWJScVVhckVxWUdLdlZpRjlOdW9tbnJ3ZjFITXBQSUdjZFJpWGFqSmtWak8yYVhGcXgzNldLVmpldWU1NVJ6c21fWUpNN2UxVVNzMGlBSWRXbTAzakEzSWJHT0NlTGd3OE5teXhWZTFGXzlpbWV0WVRKWEJDVnFCcXNDTy1NQlpQdTBpelZlRUlPQzlsZzVTNWstS0F0NkNfeEJMUzVpX1d1am1vdXFzQVBzZ1BuTjdqSDBmUW9TNzlIZ1JEdTdmVncifSx7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoiZW5jIiwia2lkIjoidUVhVEFqZnU5TVgzVUZGeHhlSno1WTV1d25PUUQxOVZ5dnJaZF92VUg5WSIsImFsZyI6IlJTQS1PQUVQLTI1NiIsIm4iOiJsRmJ1V2t0Y09TOWdXR1dvMjVEUTVOZndnQ1FnMEQycVFLMnV6UTg4SWtYd21YS0lqTVJUNXhsZXhfcXI0ckFZemMyaWZ4YWlnLUJlRWFWSEFHTmZJYUx0a3VpTHhHWjktbXhBNDR5LVNGXzlLMzg4VDlUejRvdE8zZE16SURxRWFnT01wSzJjOEJRcm5Zem5ucmN4emQ2RVJmYVYxNVNUMk9selVmN0ItUVFoQnh4QW1fUWVNN29kUTBEdHJRSi11V3FMOXlRa3Rja3NEZ3dxRW8ySkVVT241VXFsSGJOSW8tMDNhdGJ6WVdaQWpqWTBWemcxc2dTOVhwaDBOclBMWHF0MzBuYkxaVm5HVjRrMDk2X1MxU01YajFqbWFEMFBqdnRHb215dUs3QUNUTEp1XzFpajBkZFFodmFlQ2VXWXRJdlBDMDJ1RDg3MUgwem5PdWR5ZlEifV19LCJncmFudF90eXBlcyI6WyJyZWZyZXNoX3Rva2VuIiwiYXV0aG9yaXphdGlvbl9jb2RlIl0sImFwcGxpY2F0aW9uX3R5cGUiOiJ3ZWIiLCJ1c2VyaW5mb19lbmNyeXB0ZWRfcmVzcG9uc2VfZW5jIjoiQTEyOENCQy1IUzI1NiIsIm9yZ2FuaXphdGlvbl9uYW1lIjoiT3JkaW5lIGRlbGxlIFByb2Zlc3Npb25pIEluZmVybWllcmlzdGljaGUgZGkgTGF0aW5hIiwicmVkaXJlY3RfdXJpcyI6WyJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvcnAvaXBhc3ZfbHQvY2FsbGJhY2siXSwidXNlcmluZm9fZW5jcnlwdGVkX3Jlc3BvbnNlX2FsZyI6IlJTQS1PQUVQLTI1NiIsImNsaWVudF9pZCI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9ycC9pcGFzdl9sdCIsInVzZXJpbmZvX3NpZ25lZF9yZXNwb25zZV9hbGciOiJSUzI1NiIsInRva2VuX2VuZHBvaW50X2F1dGhfbWV0aG9kIjoicHJpdmF0ZV9rZXlfand0IiwiY2xpZW50X25hbWUiOiJPcmRpbmUgZGVsbGUgUHJvZmVzc2lvbmkgSW5mZXJtaWVyaXN0aWNoZSBkaSBMYXRpbmEiLCJjb250YWN0cyI6WyJsYXRpbmFAY2VydC5vcmRpbmUtb3BpLml0Il0sInJlc3BvbnNlX3R5cGVzIjpbImNvZGUiXSwiaWRfdG9rZW5fc2lnbmVkX3Jlc3BvbnNlX2FsZyI6IlJTMjU2In19LCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwiYWxnIjoiUlMyNTYiLCJ1c2UiOiJzaWciLCJuIjoid3ZISHBtckZraTI3R1ZkYXYtNW41S0hZT08tZ21sT3MxOWxBUG1xeDZGU2VSUTVSeWsxbVUxTFVPNFF4UmJYVUlUNEhFczRUc2EzRG94SlRCSEE5clR1VXJTZUpieFEwcGVBbUI4akZFbmowYjJOdzVwSDBaRFVmMVdoUWw1dlJQblRUcmpWUXotUlE1VzNtMHRjVTh4OEd6MXlNczF6RHZ2YTNmZzVjajQyV1lnMEtYN2d1ODNrQ2puQmpEX2NlT2YzWHJhN1Q2V193LXNJY1h4TGJFWXYzVDFSdFp2cE9IZHp1WTJjMEx1NTlPNFE5d01udk5VT0hjTVJFT3ROM3RpcEc0dU1jOHAxajVUQ0lXMUVTeXNxWUYycF9kYmJlSVFwVXhrRzJZMHNPWnJWWWtTTHAwdjB4RnJKd1N3NVl2Z0VhZ2ZIaERXTXNmcGpPNHFuUXBRIiwia2lkIjoiRTk1Y05MVFN0SVB2c21NZGE2bkdIcHY1SlQ4NUN0elpsUGxpano2OWNSayJ9XX0sImlzcyI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9ycC9pcGFzdl9sdCIsImF1dGhvcml0eV9oaW50cyI6WyJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiXSwiZXhwIjoxNzI4MzQ2NjE2LCJpYXQiOjE3MjgzNDQ4MTYsInRydXN0X21hcmtzIjpbeyJ0cnVzdF9tYXJrIjoiZXlKcmFXUWlPaUpOV0dGdlRVdHZjV0l5TUUxUU1FMVdZa1JVWkd4SVltbEZNRTlKYWtOeVltaEhUbmt4V1ZsemVYSk5JaXdpZEhsd0lqb2lkSEoxYzNRdGJXRnlheXRxZDNRaUxDSmhiR2NpT2lKU1V6STFOaUo5LmV5SnpkV0lpT2lKb2RIUndjem92TDNOd2FXUXVkMkp6Y3k1cGRDOVRjR2xrTDI5cFpHTXZjbkF2YVhCaGMzWmZiSFFpTENKeVpXWWlPaUlpTENKc2IyZHZYM1Z5YVNJNkltaDBkSEJ6T2k4dmQzZDNMbTl3YVd4aGRHbHVZUzVwZENJc0ltbHpjeUk2SW1oMGRIQnpPaTh2YzNCcFpDNTNZbk56TG1sMEwxTndhV1F2YjJsa1l5OXpZU0lzSW05eVoyRnVhWHBoZEdsdmJsOTBlWEJsSWpvaWNIVmliR2xqSWl3aWFXUWlPaUpvZEhSd2N6b3ZMMjlwWkdNdWNtVm5hWE4wY25rdWMyVnlkbWw2YVdOcFpTNXBiblJsY201dkxtZHZkaTVwZEM5dmNHVnVhV1JmY21Wc2VXbHVaMTl3WVhKMGVTOXdkV0pzYVdNaUxDSnZjbWRoYm1sNllYUnBiMjVmYm1GdFpTSTZJazl5WkdsdVpTQmtaV3hzWlNCUWNtOW1aWE56YVc5dWFTQkpibVpsY20xcFpYSnBjM1JwWTJobElHUnBJRXhoZEdsdVlTSXNJbVY0Y0NJNk1UYzFPRGt3T0RZeE55d2lhV0YwSWpveE56STNORFU1TURFM0xDSnBaRjlqYjJSbElqcDdJbWx3WVY5amIyUmxJam9pYVhCaGMzWmZiSFFpZlN3aVpXMWhhV3dpT2lKc1lYUnBibUZBWTJWeWRDNXZjbVJwYm1VdGIzQnBMbWwwSW4wLlBBLUhDeFpFNy01ZzZ6YkVVblJ1N0hHV1M0ejB5TWpsUG9aQkVMUkc4MzNVN242NW5ndFltXzMzcnlyMWEwbDN2N0xDbDFKNDE1NTdvTEJoeEwzTXdnWWstbHFZNHBNU0Q1YjVyRXk1akNHYjNoM0w1b2xldWRuNFhXeWRaZkVjWWhrVHlIbERfaFdtZk12MDlCLXQ4LTJ0YWdiOExDWTVnY1JBLTFDSFZOcGpWUFhKLXcxeVhvM3dxLXhVTWZpRHFpaU9MWnl2V2I3NElMQ1JMajQwWG0tLVVlUUY2M0d4LTZFOGs5WG0xMllsRnRYdFBocHlDQ1pEMlJ0Z1BUNnEzWnBHTjFHR2kyZEtEMjRITHhjS3B3RGh0Z09yckp0Uko5TnRBb1VjV3MwZUkxZkRFYnV0NFhoYkExYXlNTVAwVVZyanpXVW5UX25POGdwRHF4M1VDdyIsImlzcyI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImlkIjoiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb3BlbmlkX3JlbHlpbmdfcGFydHkvcHVibGljIn1dfQ.iMKQ3-TqYqPSP5YSqNh-U9TjfirHOUYv0KokoP9KmChsUz8LtEaU8Ajxo2nsbkSeNSxnRQ8uCXBWrnpIpa5uC9Od5sAABNBpY14t3St0tOvta5OTVGVm6SFhCj4uYMipyhACTM2y9Mxr0f0GpNhY5_2jqNL0SPdP4-7PcLp_1Aa_ngg0YYeoRUn1d2DOjCGUuOnosM86anWPCFU9ahqcarcQACzuIo898-zVVPEOx1C0VoH0Qqmd3wq4gtJ6baWo7QhZpKeUs4kVuDJ-D-Tn_FdwJ351oboES2v-qyBRxpzs5aUbqn-r96W1Wp8KEvCfBA3dYbaNKd2FqkSPrSbZkA" + ], + [ + "https://spid.wbss.it/Spid/oidc/sa/fetch?sub=https://spid.wbss.it/Spid/oidc/rp/ipasv_lt", + "eyJraWQiOiJNWGFvTUtvcWIyME1QME1WYkRUZGxIYmlFME9JakNyYmhHTnkxWVlzeXJNIiwidHlwIjoiZW50aXR5LXN0YXRlbWVudCtqd3QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvcnAvaXBhc3ZfbHQiLCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwiYWxnIjoiUlMyNTYiLCJ1c2UiOiJzaWciLCJuIjoid3ZISHBtckZraTI3R1ZkYXYtNW41S0hZT08tZ21sT3MxOWxBUG1xeDZGU2VSUTVSeWsxbVUxTFVPNFF4UmJYVUlUNEhFczRUc2EzRG94SlRCSEE5clR1VXJTZUpieFEwcGVBbUI4akZFbmowYjJOdzVwSDBaRFVmMVdoUWw1dlJQblRUcmpWUXotUlE1VzNtMHRjVTh4OEd6MXlNczF6RHZ2YTNmZzVjajQyV1lnMEtYN2d1ODNrQ2puQmpEX2NlT2YzWHJhN1Q2V193LXNJY1h4TGJFWXYzVDFSdFp2cE9IZHp1WTJjMEx1NTlPNFE5d01udk5VT0hjTVJFT3ROM3RpcEc0dU1jOHAxajVUQ0lXMUVTeXNxWUYycF9kYmJlSVFwVXhrRzJZMHNPWnJWWWtTTHAwdjB4RnJKd1N3NVl2Z0VhZ2ZIaERXTXNmcGpPNHFuUXBRIiwia2lkIjoiRTk1Y05MVFN0SVB2c21NZGE2bkdIcHY1SlQ4NUN0elpsUGxpano2OWNSayJ9XX0sIm1ldGFkYXRhX3BvbGljeSI6eyJvcGVuaWRfcmVseWluZ19wYXJ0eSI6eyJqd2tzIjp7InZhbHVlIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwiYWxnIjoiUlMyNTYiLCJ1c2UiOiJzaWciLCJuIjoiZzY5N1pNVk1ZRk0yLUJSM3lGdVZJRlFGRVl1dGhoMHFpX3lpQ2UtV0FDbko4bDN2ai15eng5WGY0LXhUdzc0X2hULWk5MEFZY09fWVpnVHp2Zm1SZ0tmTjBQTDh3bGJBRy1XWGVlRWg5OVg1aUhaX1pXZnN0TV9FakVyT1RiZFkxYnhmVVhINGNGYTByQV9FOUVLbGFiUnFVYXJFcVlHS3ZWaUY5TnVvbW5yd2YxSE1wUElHY2RSaVhhakprVmpPMmFYRnF4MzZXS1ZqZXVlNTVSenNtX1lKTTdlMVVTczBpQUlkV20wM2pBM0liR09DZUxndzhObXl4VmUxRl85aW1ldFlUSlhCQ1ZxQnFzQ08tTUJaUHUwaXpWZUVJT0M5bGc1UzVrLUtBdDZDX3hCTFM1aV9XdWptb3Vxc0FQc2dQbk43akgwZlFvUzc5SGdSRHU3ZlZ3Iiwia2lkIjoiU0dIT1BTSVRTMXd6MUdmMTlYajFEbDg2UHZqSGZxSUd5cmZOcVR2UWU0cyJ9LHsia3R5IjoiUlNBIiwiZSI6IkFRQUIiLCJhbGciOiJSU0EtT0FFUC0yNTYiLCJ1c2UiOiJlbmMiLCJuIjoibEZidVdrdGNPUzlnV0dXbzI1RFE1TmZ3Z0NRZzBEMnFRSzJ1elE4OElrWHdtWEtJak1SVDV4bGV4X3FyNHJBWXpjMmlmeGFpZy1CZUVhVkhBR05mSWFMdGt1aUx4R1o5LW14QTQ0eS1TRl85SzM4OFQ5VHo0b3RPM2RNeklEcUVhZ09NcEsyYzhCUXJuWXpubnJjeHpkNkVSZmFWMTVTVDJPbHpVZjdCLVFRaEJ4eEFtX1FlTTdvZFEwRHRyUUotdVdxTDl5UWt0Y2tzRGd3cUVvMkpFVU9uNVVxbEhiTklvLTAzYXRiellXWkFqalkwVnpnMXNnUzlYcGgwTnJQTFhxdDMwbmJMWlZuR1Y0azA5Nl9TMVNNWGoxam1hRDBQanZ0R29teXVLN0FDVExKdV8xaWowZGRRaHZhZUNlV1l0SXZQQzAydUQ4NzFIMHpuT3VkeWZRIiwia2lkIjoidUVhVEFqZnU5TVgzVUZGeHhlSno1WTV1d25PUUQxOVZ5dnJaZF92VUg5WSJ9XX19fX0sImlzcyI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImF1dGhvcml0eV9oaW50cyI6WyJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiXSwiZXhwIjoxNzI4MzQ2NjQzLCJpYXQiOjE3MjgzNDQ4NDMsImNvbnN0cmFpbnRzIjoie30iLCJ0cnVzdF9tYXJrcyI6W3sidHJ1c3RfbWFyayI6ImV5SnJhV1FpT2lKTldHRnZUVXR2Y1dJeU1FMVFNRTFXWWtSVVpHeElZbWxGTUU5SmFrTnlZbWhIVG5reFdWbHplWEpOSWl3aWRIbHdJam9pZEhKMWMzUXRiV0Z5YXl0cWQzUWlMQ0poYkdjaU9pSlNVekkxTmlKOS5leUp6ZFdJaU9pSm9kSFJ3Y3pvdkwzTndhV1F1ZDJKemN5NXBkQzlUY0dsa0wyOXBaR012Y25BdmFYQmhjM1pmYkhRaUxDSnlaV1lpT2lJaUxDSnNiMmR2WDNWeWFTSTZJbWgwZEhCek9pOHZkM2QzTG05d2FXeGhkR2x1WVM1cGRDSXNJbWx6Y3lJNkltaDBkSEJ6T2k4dmMzQnBaQzUzWW5OekxtbDBMMU53YVdRdmIybGtZeTl6WVNJc0ltOXlaMkZ1YVhwaGRHbHZibDkwZVhCbElqb2ljSFZpYkdsaklpd2lhV1FpT2lKb2RIUndjem92TDI5cFpHTXVjbVZuYVhOMGNua3VjMlZ5ZG1sNmFXTnBaUzVwYm5SbGNtNXZMbWR2ZGk1cGRDOXZjR1Z1YVdSZmNtVnNlV2x1WjE5d1lYSjBlUzl3ZFdKc2FXTWlMQ0p2Y21kaGJtbDZZWFJwYjI1ZmJtRnRaU0k2SWs5eVpHbHVaU0JrWld4c1pTQlFjbTltWlhOemFXOXVhU0JKYm1abGNtMXBaWEpwYzNScFkyaGxJR1JwSUV4aGRHbHVZU0lzSW1WNGNDSTZNVGMxT0Rrd09EWXhOeXdpYVdGMElqb3hOekkzTkRVNU1ERTNMQ0pwWkY5amIyUmxJanA3SW1sd1lWOWpiMlJsSWpvaWFYQmhjM1pmYkhRaWZTd2laVzFoYVd3aU9pSnNZWFJwYm1GQVkyVnlkQzV2Y21ScGJtVXRiM0JwTG1sMEluMC5QQS1IQ3haRTctNWc2emJFVW5SdTdIR1dTNHoweU1qbFBvWkJFTFJHODMzVTduNjVuZ3RZbV8zM3J5cjFhMGwzdjdMQ2wxSjQxNTU3b0xCaHhMM013Z1lrLWxxWTRwTVNENWI1ckV5NWpDR2IzaDNMNW9sZXVkbjRYV3lkWmZFY1loa1R5SGxEX2hXbWZNdjA5Qi10OC0ydGFnYjhMQ1k1Z2NSQS0xQ0hWTnBqVlBYSi13MXlYbzN3cS14VU1maURxaWlPTFp5dldiNzRJTENSTGo0MFhtLS1VZVFGNjNHeC02RThrOVhtMTJZbEZ0WHRQaHB5Q0NaRDJSdGdQVDZxM1pwR04xR0dpMmRLRDI0SEx4Y0twd0RodGdPcnJKdFJKOU50QW9VY1dzMGVJMWZERWJ1dDRYaGJBMWF5TU1QMFVWcmp6V1VuVF9uTzhncERxeDNVQ3ciLCJpc3MiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiLCJpZCI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0L29wZW5pZF9yZWx5aW5nX3BhcnR5L3B1YmxpYyJ9XX0.sT1eD12sTPk3moKnnuQGaOKprY4lL9lFUYauG5FbXQIyxFtZEOOLs1nBZwJOJVObaC2hhnWOTEVyyKlmsoi_7naWQsQxzQu1z6aEJVcblDu6KUt9QAr0qq4LMps7Ql6h1_1WI1XxsleX8qjtvnzZqG-gvRY1iH1opOmMR0oVzP-WfY16DCMIriiJeqB47AA3OcTs4VJ8choJBK1BlciYRyatmdrASwMMtePE8cQdnAvDeN0r5RLDqlFGjy0Mmyh8FDs_VWpQ11oVIrkNg_RMOR8BGsYGYeelqDmyc6hs6RLfNXQj2nU48obw7n9EVOcOvX7GyABAY9_taPMIHdfwgg" + ], + [ + "https://spid.wbss.it/Spid/oidc/sa/fetch", + "eyJraWQiOiJNWGFvTUtvcWIyME1QME1WYkRUZGxIYmlFME9JakNyYmhHTnkxWVlzeXJNIiwidHlwIjoiZW50aXR5LXN0YXRlbWVudCtqd3QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvcnAvaXBhc3ZfbHQiLCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwiYWxnIjoiUlMyNTYiLCJ1c2UiOiJzaWciLCJuIjoid3ZISHBtckZraTI3R1ZkYXYtNW41S0hZT08tZ21sT3MxOWxBUG1xeDZGU2VSUTVSeWsxbVUxTFVPNFF4UmJYVUlUNEhFczRUc2EzRG94SlRCSEE5clR1VXJTZUpieFEwcGVBbUI4akZFbmowYjJOdzVwSDBaRFVmMVdoUWw1dlJQblRUcmpWUXotUlE1VzNtMHRjVTh4OEd6MXlNczF6RHZ2YTNmZzVjajQyV1lnMEtYN2d1ODNrQ2puQmpEX2NlT2YzWHJhN1Q2V193LXNJY1h4TGJFWXYzVDFSdFp2cE9IZHp1WTJjMEx1NTlPNFE5d01udk5VT0hjTVJFT3ROM3RpcEc0dU1jOHAxajVUQ0lXMUVTeXNxWUYycF9kYmJlSVFwVXhrRzJZMHNPWnJWWWtTTHAwdjB4RnJKd1N3NVl2Z0VhZ2ZIaERXTXNmcGpPNHFuUXBRIiwia2lkIjoiRTk1Y05MVFN0SVB2c21NZGE2bkdIcHY1SlQ4NUN0elpsUGxpano2OWNSayJ9XX0sIm1ldGFkYXRhX3BvbGljeSI6eyJvcGVuaWRfcmVseWluZ19wYXJ0eSI6eyJqd2tzIjp7InZhbHVlIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwiYWxnIjoiUlMyNTYiLCJ1c2UiOiJzaWciLCJuIjoiZzY5N1pNVk1ZRk0yLUJSM3lGdVZJRlFGRVl1dGhoMHFpX3lpQ2UtV0FDbko4bDN2ai15eng5WGY0LXhUdzc0X2hULWk5MEFZY09fWVpnVHp2Zm1SZ0tmTjBQTDh3bGJBRy1XWGVlRWg5OVg1aUhaX1pXZnN0TV9FakVyT1RiZFkxYnhmVVhINGNGYTByQV9FOUVLbGFiUnFVYXJFcVlHS3ZWaUY5TnVvbW5yd2YxSE1wUElHY2RSaVhhakprVmpPMmFYRnF4MzZXS1ZqZXVlNTVSenNtX1lKTTdlMVVTczBpQUlkV20wM2pBM0liR09DZUxndzhObXl4VmUxRl85aW1ldFlUSlhCQ1ZxQnFzQ08tTUJaUHUwaXpWZUVJT0M5bGc1UzVrLUtBdDZDX3hCTFM1aV9XdWptb3Vxc0FQc2dQbk43akgwZlFvUzc5SGdSRHU3ZlZ3Iiwia2lkIjoiU0dIT1BTSVRTMXd6MUdmMTlYajFEbDg2UHZqSGZxSUd5cmZOcVR2UWU0cyJ9LHsia3R5IjoiUlNBIiwiZSI6IkFRQUIiLCJhbGciOiJSU0EtT0FFUC0yNTYiLCJ1c2UiOiJlbmMiLCJuIjoibEZidVdrdGNPUzlnV0dXbzI1RFE1TmZ3Z0NRZzBEMnFRSzJ1elE4OElrWHdtWEtJak1SVDV4bGV4X3FyNHJBWXpjMmlmeGFpZy1CZUVhVkhBR05mSWFMdGt1aUx4R1o5LW14QTQ0eS1TRl85SzM4OFQ5VHo0b3RPM2RNeklEcUVhZ09NcEsyYzhCUXJuWXpubnJjeHpkNkVSZmFWMTVTVDJPbHpVZjdCLVFRaEJ4eEFtX1FlTTdvZFEwRHRyUUotdVdxTDl5UWt0Y2tzRGd3cUVvMkpFVU9uNVVxbEhiTklvLTAzYXRiellXWkFqalkwVnpnMXNnUzlYcGgwTnJQTFhxdDMwbmJMWlZuR1Y0azA5Nl9TMVNNWGoxam1hRDBQanZ0R29teXVLN0FDVExKdV8xaWowZGRRaHZhZUNlV1l0SXZQQzAydUQ4NzFIMHpuT3VkeWZRIiwia2lkIjoidUVhVEFqZnU5TVgzVUZGeHhlSno1WTV1d25PUUQxOVZ5dnJaZF92VUg5WSJ9XX19fX0sImlzcyI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImF1dGhvcml0eV9oaW50cyI6WyJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiXSwiZXhwIjoxNzI4MzQ2NjQzLCJpYXQiOjE3MjgzNDQ4NDMsImNvbnN0cmFpbnRzIjoie30iLCJ0cnVzdF9tYXJrcyI6W3sidHJ1c3RfbWFyayI6ImV5SnJhV1FpT2lKTldHRnZUVXR2Y1dJeU1FMVFNRTFXWWtSVVpHeElZbWxGTUU5SmFrTnlZbWhIVG5reFdWbHplWEpOSWl3aWRIbHdJam9pZEhKMWMzUXRiV0Z5YXl0cWQzUWlMQ0poYkdjaU9pSlNVekkxTmlKOS5leUp6ZFdJaU9pSm9kSFJ3Y3pvdkwzTndhV1F1ZDJKemN5NXBkQzlUY0dsa0wyOXBaR012Y25BdmFYQmhjM1pmYkhRaUxDSnlaV1lpT2lJaUxDSnNiMmR2WDNWeWFTSTZJbWgwZEhCek9pOHZkM2QzTG05d2FXeGhkR2x1WVM1cGRDSXNJbWx6Y3lJNkltaDBkSEJ6T2k4dmMzQnBaQzUzWW5OekxtbDBMMU53YVdRdmIybGtZeTl6WVNJc0ltOXlaMkZ1YVhwaGRHbHZibDkwZVhCbElqb2ljSFZpYkdsaklpd2lhV1FpT2lKb2RIUndjem92TDI5cFpHTXVjbVZuYVhOMGNua3VjMlZ5ZG1sNmFXTnBaUzVwYm5SbGNtNXZMbWR2ZGk1cGRDOXZjR1Z1YVdSZmNtVnNlV2x1WjE5d1lYSjBlUzl3ZFdKc2FXTWlMQ0p2Y21kaGJtbDZZWFJwYjI1ZmJtRnRaU0k2SWs5eVpHbHVaU0JrWld4c1pTQlFjbTltWlhOemFXOXVhU0JKYm1abGNtMXBaWEpwYzNScFkyaGxJR1JwSUV4aGRHbHVZU0lzSW1WNGNDSTZNVGMxT0Rrd09EWXhOeXdpYVdGMElqb3hOekkzTkRVNU1ERTNMQ0pwWkY5amIyUmxJanA3SW1sd1lWOWpiMlJsSWpvaWFYQmhjM1pmYkhRaWZTd2laVzFoYVd3aU9pSnNZWFJwYm1GQVkyVnlkQzV2Y21ScGJtVXRiM0JwTG1sMEluMC5QQS1IQ3haRTctNWc2emJFVW5SdTdIR1dTNHoweU1qbFBvWkJFTFJHODMzVTduNjVuZ3RZbV8zM3J5cjFhMGwzdjdMQ2wxSjQxNTU3b0xCaHhMM013Z1lrLWxxWTRwTVNENWI1ckV5NWpDR2IzaDNMNW9sZXVkbjRYV3lkWmZFY1loa1R5SGxEX2hXbWZNdjA5Qi10OC0ydGFnYjhMQ1k1Z2NSQS0xQ0hWTnBqVlBYSi13MXlYbzN3cS14VU1maURxaWlPTFp5dldiNzRJTENSTGo0MFhtLS1VZVFGNjNHeC02RThrOVhtMTJZbEZ0WHRQaHB5Q0NaRDJSdGdQVDZxM1pwR04xR0dpMmRLRDI0SEx4Y0twd0RodGdPcnJKdFJKOU50QW9VY1dzMGVJMWZERWJ1dDRYaGJBMWF5TU1QMFVWcmp6V1VuVF9uTzhncERxeDNVQ3ciLCJpc3MiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiLCJpZCI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0L29wZW5pZF9yZWx5aW5nX3BhcnR5L3B1YmxpYyJ9XX0.sT1eD12sTPk3moKnnuQGaOKprY4lL9lFUYauG5FbXQIyxFtZEOOLs1nBZwJOJVObaC2hhnWOTEVyyKlmsoi_7naWQsQxzQu1z6aEJVcblDu6KUt9QAr0qq4LMps7Ql6h1_1WI1XxsleX8qjtvnzZqG-gvRY1iH1opOmMR0oVzP-WfY16DCMIriiJeqB47AA3OcTs4VJ8choJBK1BlciYRyatmdrASwMMtePE8cQdnAvDeN0r5RLDqlFGjy0Mmyh8FDs_VWpQ11oVIrkNg_RMOR8BGsYGYeelqDmyc6hs6RLfNXQj2nU48obw7n9EVOcOvX7GyABAY9_taPMIHdfwgg" + ], + [ + "https://oidc.registry.servizicie.interno.gov.it/fetch?sub=https://spid.wbss.it/Spid/oidc/sa", + "eyJraWQiOiJkZWZhdWx0UlNBU2lnbiIsInR5cCI6ImVudGl0eS1zdGF0ZW1lbnQrand0IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiLCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoic2lnIiwia2lkIjoiTVhhb01Lb3FiMjBNUDBNVmJEVGRsSGJpRTBPSWpDcmJoR055MVlZc3lyTSIsImFsZyI6IlJTMjU2IiwibiI6IjBCVFA0QUNnLUtUNmVOZEFocjEtcGE3Nmx1alhWM1dpWGwwdzROX215ajRxMHpnYVpPRDFjNUk3MjQtZzBfTkhpMjJxQmoxSXUtTUdKUVZrbGZELWVzSzFGWjJybmRSaWFiNVRkTXA0YzF5eS10a2lRTTdhZkp3elc3MERpb1YxaVNtZk9RNEhIMDlBLWRhbElaX0lBOFBxZXE4VHliZHBnUXN0TkFwM0ZOMGNNb0hILVdhZ0ZRR2lWMkEySDNzVWh2UVYyT19FQ0VaWENvTExHNkVzVVJzaEtweU93WDkwN05NSzdROVI5VU9CeldhQkpxUGstY21tbTlpWlRnVDg2QV9CY1MwdVpZeTdFT1lCM0VrYkNNQ2lHbDBGY29BbUYtT3hvc2RUYnRZb2FWa1c3UHlnQ1ZtZG16dGMwX0NWc1dhbUxvVlBTc2NxRmgtRVhITXh0dyJ9XX0sIm1ldGFkYXRhX3BvbGljeSI6eyJvcGVuaWRfcmVseWluZ19wYXJ0eSI6eyJjbGllbnRfcmVnaXN0cmF0aW9uX3R5cGVzIjp7InN1YnNldF9vZiI6WyJhdXRvbWF0aWMiXSwiZXNzZW50aWFsIjp0cnVlfSwiZ3JhbnRfdHlwZXMiOnsic3VwZXJzZXRfb2YiOlsiYXV0aG9yaXphdGlvbl9jb2RlIl0sInN1YnNldF9vZiI6WyJhdXRob3JpemF0aW9uX2NvZGUiLCJyZWZyZXNoX3Rva2VuIl19LCJpZF90b2tlbl9lbmNyeXB0ZWRfcmVzcG9uc2VfYWxnIjp7Im9uZV9vZiI6WyJSU0EtT0FFUCIsIlJTQS1PQUVQLTI1NiIsIkVDREgtRVMiLCJFQ0RILUVTK0ExMjhLVyIsIkVDREgtRVMrQTI1NktXIl0sImVzc2VudGlhbCI6ZmFsc2V9LCJpZF90b2tlbl9lbmNyeXB0ZWRfcmVzcG9uc2VfZW5jIjp7Im9uZV9vZiI6WyJBMTI4Q0JDLUhTMjU2IiwiQTI1NkNCQy1IUzUxMiJdLCJlc3NlbnRpYWwiOmZhbHNlfSwidXNlcmluZm9fZW5jcnlwdGVkX3Jlc3BvbnNlX2VuYyI6eyJvbmVfb2YiOlsiQTEyOENCQy1IUzI1NiIsIkEyNTZDQkMtSFM1MTIiXSwiZXNzZW50aWFsIjp0cnVlfSwidXNlcmluZm9fZW5jcnlwdGVkX3Jlc3BvbnNlX2FsZyI6eyJvbmVfb2YiOlsiUlNBLU9BRVAiLCJSU0EtT0FFUC0yNTYiLCJFQ0RILUVTIiwiRUNESC1FUytBMTI4S1ciLCJFQ0RILUVTK0EyNTZLVyJdLCJlc3NlbnRpYWwiOnRydWV9LCJyZWRpcmVjdF91cmlzIjp7ImVzc2VudGlhbCI6dHJ1ZX0sInVzZXJpbmZvX3NpZ25lZF9yZXNwb25zZV9hbGciOnsib25lX29mIjpbIlJTMjU2IiwiUlM1MTIiLCJFUzI1NiIsIkVTNTEyIiwiUFMyNTYiLCJQUzUxMiJdLCJlc3NlbnRpYWwiOnRydWV9LCJ0b2tlbl9lbmRwb2ludF9hdXRoX21ldGhvZCI6eyJvbmVfb2YiOlsicHJpdmF0ZV9rZXlfand0Il0sImVzc2VudGlhbCI6dHJ1ZX0sImNsaWVudF9pZCI6eyJlc3NlbnRpYWwiOnRydWV9LCJpZF90b2tlbl9zaWduZWRfcmVzcG9uc2VfYWxnIjp7Im9uZV9vZiI6WyJSUzI1NiIsIlJTNTEyIiwiRVMyNTYiLCJFUzUxMiIsIlBTMjU2IiwiUFM1MTIiXSwiZXNzZW50aWFsIjp0cnVlfSwicmVzcG9uc2VfdHlwZXMiOnsidmFsdWUiOlsiY29kZSJdfX19LCJpc3MiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCIsImV4cCI6MTcyODM0NjcwNSwiaWF0IjoxNzI4MzQ0OTA1LCJjb25zdHJhaW50cyI6eyJhbGxvd2VkX2xlYWZfZW50aXR5X3R5cGVzIjpbIm9wZW5pZF9yZWx5aW5nX3BhcnR5Il19LCJ0cnVzdF9tYXJrcyI6W3sidHJ1c3RfbWFyayI6ImV5SnJhV1FpT2lKa1pXWmhkV3gwVWxOQlUybG5iaUlzSW5SNWNDSTZJblJ5ZFhOMExXMWhjbXNyYW5kMElpd2lZV3huSWpvaVVsTXlOVFlpZlEuZXlKemRXSWlPaUpvZEhSd2N6b3ZMM053YVdRdWQySnpjeTVwZEM5VGNHbGtMMjlwWkdNdmMyRWlMQ0p6WVY5d2NtOW1hV3hsSWpvaVcxd2lablZzYkZ3aVhTSXNJbWx6Y3lJNkltaDBkSEJ6T2k4dmIybGtZeTV5WldkcGMzUnllUzV6WlhKMmFYcHBZMmxsTG1sdWRHVnlibTh1WjI5MkxtbDBJaXdpYjNKbllXNXBlbUYwYVc5dVgzUjVjR1VpT2lKd2NtbDJZWFJsSWl3aWFXUWlPaUpvZEhSd2N6b3ZMMjlwWkdNdWNtVm5hWE4wY25rdWMyVnlkbWw2YVdOcFpTNXBiblJsY201dkxtZHZkaTVwZEM5cGJuUmxjbTFsWkdsaGRHVXZjSEpwZG1GMFpTSXNJbVY0Y0NJNk1UYzFPRE0yTnpJd01Td2lhV0YwSWpveE56STJPRE14TWpBeGZRLkNRX3ZfQnZVbWxoUXZHb1Q2NjA1aEpIcjZic29FYTMtYlJpcjZfUDFNcy1FeGM4UVJlX0d1VzlmYzFEb1RGSTFrenBoZjlBUExYbF93MVlzU3ZIVGV6NndtY1hNcXEwT0NfVTZPVUVLZDlleUR4c1V6SmJUSGZ5UEtUTkxWQmJiSW5pZzRRdjA3YUE0Qnk5ZlNtTDRfWnV1ZnRLUFhkUmZVUmJNZUxkcEhsWi1HU1JjUkxRd2MzS190bjhfUzR0Y0hONGFDWWxIWWU5cWxyMjJZNHZmdHpsZWY2ZmFKelhTX1gwRzQtZmgxc3BteE1VR1k1UGR2QlhsS0pJZGtMdTZXTU9NVGF1clBLT1VTakFJZ3pMbUxzWTF0NDhPYlcxZHlULUNfS19CelZYTkdTblpsck5XWFJmSWxsb3BmTUZtRzJwb2FpdjgyZkVCV3FseFZSSnVKdyIsImlzcyI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiaWQiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9pbnRlcm1lZGlhdGUvcHJpdmF0ZSJ9XX0.JSID34FwkJ3nc83WHZL60z8tsVCE5SE6NR9yGwroEqIyI5TBmE2DDSbO87LGkiNkDIJ4ANo-fwBRLkXkdKVtf2QfKKzX7fsTihETekIBP9XA1RfFRDMYUKyHI5b-4cQIQxWHTnnjdm-9byT8FK8Pw8eC3QNc38KbJvR1CcdCVFVBQ1GFumTe1DOhkARbFg3rT_w8RjH_PhuRmUDUQyTBQwDHdFydb_TZpgzvSmHUjjvB2qJT109DGV4s-aFwj5bUn9YRazWlNDo78PFS0lJk16bLGEP5YRrXL_lGSxSEUta-BQEoJ2CR9QsBCW8L1HJoRywx61nWSC1wsCAxJlR4eg" + ] +] diff --git a/packages/oidf-client/__tests__/shared/oidfClientAgentLogic.ts b/packages/oidf-client/__tests__/shared/oidfClientAgentLogic.ts new file mode 100644 index 000000000..debeb62d9 --- /dev/null +++ b/packages/oidf-client/__tests__/shared/oidfClientAgentLogic.ts @@ -0,0 +1,105 @@ +import 'cross-fetch/polyfill' +import { createAgent, TAgent } from '@veramo/core' +import { IOIDFClient, OIDFClient } from '../../src' +import { mockResponses } from './TrustChainMockResponses' +import { IJwtService, JwtService } from '@sphereon/ssi-sdk-ext.jwt-service' +import nock = require('nock') +import { defaultCryptoJSImpl } from './CryptoDefaultCallback' + +type ConfiguredAgent = TAgent + +function nockSetup() { + const url = new URL(mockResponses[0][0]) + const url5 = new URL(mockResponses[5][0]) + nock(url.origin) //https://oidc.registry.servizicie.interno.gov.it + .persist() + .get(url.pathname) //.well-known/openid-federation + .reply(200, mockResponses[0][1], { 'Content-Type': 'application/entity-statement+jwt' }) + .get(url5.pathname) + .query({ + sub: 'https://spid.wbss.it/Spid/oidc/sa', + iss: 'https://oidc.registry.servizicie.interno.gov.it', + }) + .reply(200, mockResponses[5][1], { 'Content-Type': 'application/entity-statement+jwt' }) + + const url1 = new URL(mockResponses[1][0]) + const url2 = new URL(mockResponses[2][0]) + const url3 = new URL(mockResponses[3][0]) + const url4 = new URL(mockResponses[4][0]) + nock(url1.origin) //https://spid.wbss.it + .persist() + .get(url1.pathname) //Spid/oidc/sa/.well-known/openid-federation + .reply(200, mockResponses[1][1], { 'Content-Type': 'application/entity-statement+jwt' }) + .get(url2.pathname) //Spid/oidc/rp/ipasv_lt/.well-known/openid-federation + .reply(200, mockResponses[2][1], { 'Content-Type': 'application/entity-statement+jwt' }) + .get(url3.pathname) + .query({ + sub: 'https://spid.wbss.it/Spid/oidc/rp/ipasv_lt', + iss: 'https://spid.wbss.it/Spid/oidc/sa', + }) //Spid/oidc/sa/fetch?sub=https://spid.wbss.it/Spid/oidc/rp/ipasv_lt&iss=https://spid.wbss.it/Spid/oidc/sa + .reply(200, mockResponses[3][1], { 'Content-Type': 'application/entity-statement+jwt' }) + .get(url4.pathname) //Spid/oidc/sa/fetch + .query({}) // Match empty query string for url4 + .reply(200, mockResponses[4][1], { 'Content-Type': 'application/entity-statement+jwt' }) +} + +export default (testContext: { getAgent: () => ConfiguredAgent; setup: () => Promise; tearDown: () => Promise }): void => { + describe('Credential Store Agent Plugin', (): void => { + let agent: ConfiguredAgent + + beforeAll(async (): Promise => { + await testContext.setup() + //agent = testContext.getAgent() + // FIXME Remove createAgent and uncomment the line above when the issue with the jwt-service is fixed + agent = createAgent({ + plugins: [ + new JwtService(), + new OIDFClient({ + cryptoServiceCallback: defaultCryptoJSImpl, + }), + ], + }) + }) + + afterAll(testContext.tearDown) + + it('should build a trust chain 1', async () => { + nockSetup() + const trustChain = await agent.resolveTrustChain({ + entityIdentifier: 'https://spid.wbss.it/Spid/oidc/rp/ipasv_lt', + trustAnchors: ['https://oidc.registry.servizicie.interno.gov.it'], + }) + + expect(trustChain).not.toBeNull() + expect(trustChain).toHaveLength(4) + + expect(trustChain).toEqual( + expect.arrayContaining([ + 'eyJraWQiOiJFOTVjTkxUU3RJUHZzbU1kYTZuR0hwdjVKVDg1Q3R6WmxQbGlqejY5Y1JrIiwidHlwIjoiZW50aXR5LXN0YXRlbWVudCtqd3QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvcnAvaXBhc3ZfbHQiLCJtZXRhZGF0YSI6eyJmZWRlcmF0aW9uX2VudGl0eSI6eyJob21lcGFnZV91cmkiOiJodHRwczovL3d3dy5vcGlsYXRpbmEuaXQiLCJsb2dvX3VyaSI6Imh0dHBzOi8vd3d3Lm9waWxhdGluYS5pdCIsIm9yZ2FuaXphdGlvbl9uYW1lIjoiT3JkaW5lIGRlbGxlIFByb2Zlc3Npb25pIEluZmVybWllcmlzdGljaGUgZGkgTGF0aW5hIiwiY29udGFjdHMiOlsibGF0aW5hQGNlcnQub3JkaW5lLW9waS5pdCJdLCJmZWRlcmF0aW9uX3Jlc29sdmVfZW5kcG9pbnQiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvcnAvaXBhc3ZfbHQvcmVzb2x2ZSIsInBvbGljeV91cmkiOiJodHRwczovL3d3dy5vcGlsYXRpbmEuaXQvbHQvYW1taW5pc3RyYXppb25lLXRyYXNwYXJlbnRlLzExOS1hbHRyaS1jb250ZW51dGkvNzQ5LXByaXZhY3ktcG9saWN5LXNpdG8ifSwib3BlbmlkX3JlbHlpbmdfcGFydHkiOnsiY2xpZW50X3JlZ2lzdHJhdGlvbl90eXBlcyI6WyJhdXRvbWF0aWMiXSwiandrcyI6eyJrZXlzIjpbeyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsInVzZSI6InNpZyIsImtpZCI6IlNHSE9QU0lUUzF3ejFHZjE5WGoxRGw4NlB2akhmcUlHeXJmTnFUdlFlNHMiLCJhbGciOiJSUzI1NiIsIm4iOiJnNjk3Wk1WTVlGTTItQlIzeUZ1VklGUUZFWXV0aGgwcWlfeWlDZS1XQUNuSjhsM3ZqLXl6eDlYZjQteFR3NzRfaFQtaTkwQVljT19ZWmdUenZmbVJnS2ZOMFBMOHdsYkFHLVdYZWVFaDk5WDVpSFpfWldmc3RNX0VqRXJPVGJkWTFieGZVWEg0Y0ZhMHJBX0U5RUtsYWJScVVhckVxWUdLdlZpRjlOdW9tbnJ3ZjFITXBQSUdjZFJpWGFqSmtWak8yYVhGcXgzNldLVmpldWU1NVJ6c21fWUpNN2UxVVNzMGlBSWRXbTAzakEzSWJHT0NlTGd3OE5teXhWZTFGXzlpbWV0WVRKWEJDVnFCcXNDTy1NQlpQdTBpelZlRUlPQzlsZzVTNWstS0F0NkNfeEJMUzVpX1d1am1vdXFzQVBzZ1BuTjdqSDBmUW9TNzlIZ1JEdTdmVncifSx7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoiZW5jIiwia2lkIjoidUVhVEFqZnU5TVgzVUZGeHhlSno1WTV1d25PUUQxOVZ5dnJaZF92VUg5WSIsImFsZyI6IlJTQS1PQUVQLTI1NiIsIm4iOiJsRmJ1V2t0Y09TOWdXR1dvMjVEUTVOZndnQ1FnMEQycVFLMnV6UTg4SWtYd21YS0lqTVJUNXhsZXhfcXI0ckFZemMyaWZ4YWlnLUJlRWFWSEFHTmZJYUx0a3VpTHhHWjktbXhBNDR5LVNGXzlLMzg4VDlUejRvdE8zZE16SURxRWFnT01wSzJjOEJRcm5Zem5ucmN4emQ2RVJmYVYxNVNUMk9selVmN0ItUVFoQnh4QW1fUWVNN29kUTBEdHJRSi11V3FMOXlRa3Rja3NEZ3dxRW8ySkVVT241VXFsSGJOSW8tMDNhdGJ6WVdaQWpqWTBWemcxc2dTOVhwaDBOclBMWHF0MzBuYkxaVm5HVjRrMDk2X1MxU01YajFqbWFEMFBqdnRHb215dUs3QUNUTEp1XzFpajBkZFFodmFlQ2VXWXRJdlBDMDJ1RDg3MUgwem5PdWR5ZlEifV19LCJncmFudF90eXBlcyI6WyJyZWZyZXNoX3Rva2VuIiwiYXV0aG9yaXphdGlvbl9jb2RlIl0sImFwcGxpY2F0aW9uX3R5cGUiOiJ3ZWIiLCJ1c2VyaW5mb19lbmNyeXB0ZWRfcmVzcG9uc2VfZW5jIjoiQTEyOENCQy1IUzI1NiIsIm9yZ2FuaXphdGlvbl9uYW1lIjoiT3JkaW5lIGRlbGxlIFByb2Zlc3Npb25pIEluZmVybWllcmlzdGljaGUgZGkgTGF0aW5hIiwicmVkaXJlY3RfdXJpcyI6WyJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvcnAvaXBhc3ZfbHQvY2FsbGJhY2siXSwidXNlcmluZm9fZW5jcnlwdGVkX3Jlc3BvbnNlX2FsZyI6IlJTQS1PQUVQLTI1NiIsImNsaWVudF9pZCI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9ycC9pcGFzdl9sdCIsInVzZXJpbmZvX3NpZ25lZF9yZXNwb25zZV9hbGciOiJSUzI1NiIsInRva2VuX2VuZHBvaW50X2F1dGhfbWV0aG9kIjoicHJpdmF0ZV9rZXlfand0IiwiY2xpZW50X25hbWUiOiJPcmRpbmUgZGVsbGUgUHJvZmVzc2lvbmkgSW5mZXJtaWVyaXN0aWNoZSBkaSBMYXRpbmEiLCJjb250YWN0cyI6WyJsYXRpbmFAY2VydC5vcmRpbmUtb3BpLml0Il0sInJlc3BvbnNlX3R5cGVzIjpbImNvZGUiXSwiaWRfdG9rZW5fc2lnbmVkX3Jlc3BvbnNlX2FsZyI6IlJTMjU2In19LCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwiYWxnIjoiUlMyNTYiLCJ1c2UiOiJzaWciLCJuIjoid3ZISHBtckZraTI3R1ZkYXYtNW41S0hZT08tZ21sT3MxOWxBUG1xeDZGU2VSUTVSeWsxbVUxTFVPNFF4UmJYVUlUNEhFczRUc2EzRG94SlRCSEE5clR1VXJTZUpieFEwcGVBbUI4akZFbmowYjJOdzVwSDBaRFVmMVdoUWw1dlJQblRUcmpWUXotUlE1VzNtMHRjVTh4OEd6MXlNczF6RHZ2YTNmZzVjajQyV1lnMEtYN2d1ODNrQ2puQmpEX2NlT2YzWHJhN1Q2V193LXNJY1h4TGJFWXYzVDFSdFp2cE9IZHp1WTJjMEx1NTlPNFE5d01udk5VT0hjTVJFT3ROM3RpcEc0dU1jOHAxajVUQ0lXMUVTeXNxWUYycF9kYmJlSVFwVXhrRzJZMHNPWnJWWWtTTHAwdjB4RnJKd1N3NVl2Z0VhZ2ZIaERXTXNmcGpPNHFuUXBRIiwia2lkIjoiRTk1Y05MVFN0SVB2c21NZGE2bkdIcHY1SlQ4NUN0elpsUGxpano2OWNSayJ9XX0sImlzcyI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9ycC9pcGFzdl9sdCIsImF1dGhvcml0eV9oaW50cyI6WyJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiXSwiZXhwIjoxNzI4MzQ2NjE2LCJpYXQiOjE3MjgzNDQ4MTYsInRydXN0X21hcmtzIjpbeyJ0cnVzdF9tYXJrIjoiZXlKcmFXUWlPaUpOV0dGdlRVdHZjV0l5TUUxUU1FMVdZa1JVWkd4SVltbEZNRTlKYWtOeVltaEhUbmt4V1ZsemVYSk5JaXdpZEhsd0lqb2lkSEoxYzNRdGJXRnlheXRxZDNRaUxDSmhiR2NpT2lKU1V6STFOaUo5LmV5SnpkV0lpT2lKb2RIUndjem92TDNOd2FXUXVkMkp6Y3k1cGRDOVRjR2xrTDI5cFpHTXZjbkF2YVhCaGMzWmZiSFFpTENKeVpXWWlPaUlpTENKc2IyZHZYM1Z5YVNJNkltaDBkSEJ6T2k4dmQzZDNMbTl3YVd4aGRHbHVZUzVwZENJc0ltbHpjeUk2SW1oMGRIQnpPaTh2YzNCcFpDNTNZbk56TG1sMEwxTndhV1F2YjJsa1l5OXpZU0lzSW05eVoyRnVhWHBoZEdsdmJsOTBlWEJsSWpvaWNIVmliR2xqSWl3aWFXUWlPaUpvZEhSd2N6b3ZMMjlwWkdNdWNtVm5hWE4wY25rdWMyVnlkbWw2YVdOcFpTNXBiblJsY201dkxtZHZkaTVwZEM5dmNHVnVhV1JmY21Wc2VXbHVaMTl3WVhKMGVTOXdkV0pzYVdNaUxDSnZjbWRoYm1sNllYUnBiMjVmYm1GdFpTSTZJazl5WkdsdVpTQmtaV3hzWlNCUWNtOW1aWE56YVc5dWFTQkpibVpsY20xcFpYSnBjM1JwWTJobElHUnBJRXhoZEdsdVlTSXNJbVY0Y0NJNk1UYzFPRGt3T0RZeE55d2lhV0YwSWpveE56STNORFU1TURFM0xDSnBaRjlqYjJSbElqcDdJbWx3WVY5amIyUmxJam9pYVhCaGMzWmZiSFFpZlN3aVpXMWhhV3dpT2lKc1lYUnBibUZBWTJWeWRDNXZjbVJwYm1VdGIzQnBMbWwwSW4wLlBBLUhDeFpFNy01ZzZ6YkVVblJ1N0hHV1M0ejB5TWpsUG9aQkVMUkc4MzNVN242NW5ndFltXzMzcnlyMWEwbDN2N0xDbDFKNDE1NTdvTEJoeEwzTXdnWWstbHFZNHBNU0Q1YjVyRXk1akNHYjNoM0w1b2xldWRuNFhXeWRaZkVjWWhrVHlIbERfaFdtZk12MDlCLXQ4LTJ0YWdiOExDWTVnY1JBLTFDSFZOcGpWUFhKLXcxeVhvM3dxLXhVTWZpRHFpaU9MWnl2V2I3NElMQ1JMajQwWG0tLVVlUUY2M0d4LTZFOGs5WG0xMllsRnRYdFBocHlDQ1pEMlJ0Z1BUNnEzWnBHTjFHR2kyZEtEMjRITHhjS3B3RGh0Z09yckp0Uko5TnRBb1VjV3MwZUkxZkRFYnV0NFhoYkExYXlNTVAwVVZyanpXVW5UX25POGdwRHF4M1VDdyIsImlzcyI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImlkIjoiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb3BlbmlkX3JlbHlpbmdfcGFydHkvcHVibGljIn1dfQ.iMKQ3-TqYqPSP5YSqNh-U9TjfirHOUYv0KokoP9KmChsUz8LtEaU8Ajxo2nsbkSeNSxnRQ8uCXBWrnpIpa5uC9Od5sAABNBpY14t3St0tOvta5OTVGVm6SFhCj4uYMipyhACTM2y9Mxr0f0GpNhY5_2jqNL0SPdP4-7PcLp_1Aa_ngg0YYeoRUn1d2DOjCGUuOnosM86anWPCFU9ahqcarcQACzuIo898-zVVPEOx1C0VoH0Qqmd3wq4gtJ6baWo7QhZpKeUs4kVuDJ-D-Tn_FdwJ351oboES2v-qyBRxpzs5aUbqn-r96W1Wp8KEvCfBA3dYbaNKd2FqkSPrSbZkA', + 'eyJraWQiOiJNWGFvTUtvcWIyME1QME1WYkRUZGxIYmlFME9JakNyYmhHTnkxWVlzeXJNIiwidHlwIjoiZW50aXR5LXN0YXRlbWVudCtqd3QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvcnAvaXBhc3ZfbHQiLCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwiYWxnIjoiUlMyNTYiLCJ1c2UiOiJzaWciLCJuIjoid3ZISHBtckZraTI3R1ZkYXYtNW41S0hZT08tZ21sT3MxOWxBUG1xeDZGU2VSUTVSeWsxbVUxTFVPNFF4UmJYVUlUNEhFczRUc2EzRG94SlRCSEE5clR1VXJTZUpieFEwcGVBbUI4akZFbmowYjJOdzVwSDBaRFVmMVdoUWw1dlJQblRUcmpWUXotUlE1VzNtMHRjVTh4OEd6MXlNczF6RHZ2YTNmZzVjajQyV1lnMEtYN2d1ODNrQ2puQmpEX2NlT2YzWHJhN1Q2V193LXNJY1h4TGJFWXYzVDFSdFp2cE9IZHp1WTJjMEx1NTlPNFE5d01udk5VT0hjTVJFT3ROM3RpcEc0dU1jOHAxajVUQ0lXMUVTeXNxWUYycF9kYmJlSVFwVXhrRzJZMHNPWnJWWWtTTHAwdjB4RnJKd1N3NVl2Z0VhZ2ZIaERXTXNmcGpPNHFuUXBRIiwia2lkIjoiRTk1Y05MVFN0SVB2c21NZGE2bkdIcHY1SlQ4NUN0elpsUGxpano2OWNSayJ9XX0sIm1ldGFkYXRhX3BvbGljeSI6eyJvcGVuaWRfcmVseWluZ19wYXJ0eSI6eyJqd2tzIjp7InZhbHVlIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwiYWxnIjoiUlMyNTYiLCJ1c2UiOiJzaWciLCJuIjoiZzY5N1pNVk1ZRk0yLUJSM3lGdVZJRlFGRVl1dGhoMHFpX3lpQ2UtV0FDbko4bDN2ai15eng5WGY0LXhUdzc0X2hULWk5MEFZY09fWVpnVHp2Zm1SZ0tmTjBQTDh3bGJBRy1XWGVlRWg5OVg1aUhaX1pXZnN0TV9FakVyT1RiZFkxYnhmVVhINGNGYTByQV9FOUVLbGFiUnFVYXJFcVlHS3ZWaUY5TnVvbW5yd2YxSE1wUElHY2RSaVhhakprVmpPMmFYRnF4MzZXS1ZqZXVlNTVSenNtX1lKTTdlMVVTczBpQUlkV20wM2pBM0liR09DZUxndzhObXl4VmUxRl85aW1ldFlUSlhCQ1ZxQnFzQ08tTUJaUHUwaXpWZUVJT0M5bGc1UzVrLUtBdDZDX3hCTFM1aV9XdWptb3Vxc0FQc2dQbk43akgwZlFvUzc5SGdSRHU3ZlZ3Iiwia2lkIjoiU0dIT1BTSVRTMXd6MUdmMTlYajFEbDg2UHZqSGZxSUd5cmZOcVR2UWU0cyJ9LHsia3R5IjoiUlNBIiwiZSI6IkFRQUIiLCJhbGciOiJSU0EtT0FFUC0yNTYiLCJ1c2UiOiJlbmMiLCJuIjoibEZidVdrdGNPUzlnV0dXbzI1RFE1TmZ3Z0NRZzBEMnFRSzJ1elE4OElrWHdtWEtJak1SVDV4bGV4X3FyNHJBWXpjMmlmeGFpZy1CZUVhVkhBR05mSWFMdGt1aUx4R1o5LW14QTQ0eS1TRl85SzM4OFQ5VHo0b3RPM2RNeklEcUVhZ09NcEsyYzhCUXJuWXpubnJjeHpkNkVSZmFWMTVTVDJPbHpVZjdCLVFRaEJ4eEFtX1FlTTdvZFEwRHRyUUotdVdxTDl5UWt0Y2tzRGd3cUVvMkpFVU9uNVVxbEhiTklvLTAzYXRiellXWkFqalkwVnpnMXNnUzlYcGgwTnJQTFhxdDMwbmJMWlZuR1Y0azA5Nl9TMVNNWGoxam1hRDBQanZ0R29teXVLN0FDVExKdV8xaWowZGRRaHZhZUNlV1l0SXZQQzAydUQ4NzFIMHpuT3VkeWZRIiwia2lkIjoidUVhVEFqZnU5TVgzVUZGeHhlSno1WTV1d25PUUQxOVZ5dnJaZF92VUg5WSJ9XX19fX0sImlzcyI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImF1dGhvcml0eV9oaW50cyI6WyJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiXSwiZXhwIjoxNzI4MzQ2NjQzLCJpYXQiOjE3MjgzNDQ4NDMsImNvbnN0cmFpbnRzIjoie30iLCJ0cnVzdF9tYXJrcyI6W3sidHJ1c3RfbWFyayI6ImV5SnJhV1FpT2lKTldHRnZUVXR2Y1dJeU1FMVFNRTFXWWtSVVpHeElZbWxGTUU5SmFrTnlZbWhIVG5reFdWbHplWEpOSWl3aWRIbHdJam9pZEhKMWMzUXRiV0Z5YXl0cWQzUWlMQ0poYkdjaU9pSlNVekkxTmlKOS5leUp6ZFdJaU9pSm9kSFJ3Y3pvdkwzTndhV1F1ZDJKemN5NXBkQzlUY0dsa0wyOXBaR012Y25BdmFYQmhjM1pmYkhRaUxDSnlaV1lpT2lJaUxDSnNiMmR2WDNWeWFTSTZJbWgwZEhCek9pOHZkM2QzTG05d2FXeGhkR2x1WVM1cGRDSXNJbWx6Y3lJNkltaDBkSEJ6T2k4dmMzQnBaQzUzWW5OekxtbDBMMU53YVdRdmIybGtZeTl6WVNJc0ltOXlaMkZ1YVhwaGRHbHZibDkwZVhCbElqb2ljSFZpYkdsaklpd2lhV1FpT2lKb2RIUndjem92TDI5cFpHTXVjbVZuYVhOMGNua3VjMlZ5ZG1sNmFXTnBaUzVwYm5SbGNtNXZMbWR2ZGk1cGRDOXZjR1Z1YVdSZmNtVnNlV2x1WjE5d1lYSjBlUzl3ZFdKc2FXTWlMQ0p2Y21kaGJtbDZZWFJwYjI1ZmJtRnRaU0k2SWs5eVpHbHVaU0JrWld4c1pTQlFjbTltWlhOemFXOXVhU0JKYm1abGNtMXBaWEpwYzNScFkyaGxJR1JwSUV4aGRHbHVZU0lzSW1WNGNDSTZNVGMxT0Rrd09EWXhOeXdpYVdGMElqb3hOekkzTkRVNU1ERTNMQ0pwWkY5amIyUmxJanA3SW1sd1lWOWpiMlJsSWpvaWFYQmhjM1pmYkhRaWZTd2laVzFoYVd3aU9pSnNZWFJwYm1GQVkyVnlkQzV2Y21ScGJtVXRiM0JwTG1sMEluMC5QQS1IQ3haRTctNWc2emJFVW5SdTdIR1dTNHoweU1qbFBvWkJFTFJHODMzVTduNjVuZ3RZbV8zM3J5cjFhMGwzdjdMQ2wxSjQxNTU3b0xCaHhMM013Z1lrLWxxWTRwTVNENWI1ckV5NWpDR2IzaDNMNW9sZXVkbjRYV3lkWmZFY1loa1R5SGxEX2hXbWZNdjA5Qi10OC0ydGFnYjhMQ1k1Z2NSQS0xQ0hWTnBqVlBYSi13MXlYbzN3cS14VU1maURxaWlPTFp5dldiNzRJTENSTGo0MFhtLS1VZVFGNjNHeC02RThrOVhtMTJZbEZ0WHRQaHB5Q0NaRDJSdGdQVDZxM1pwR04xR0dpMmRLRDI0SEx4Y0twd0RodGdPcnJKdFJKOU50QW9VY1dzMGVJMWZERWJ1dDRYaGJBMWF5TU1QMFVWcmp6V1VuVF9uTzhncERxeDNVQ3ciLCJpc3MiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiLCJpZCI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0L29wZW5pZF9yZWx5aW5nX3BhcnR5L3B1YmxpYyJ9XX0.sT1eD12sTPk3moKnnuQGaOKprY4lL9lFUYauG5FbXQIyxFtZEOOLs1nBZwJOJVObaC2hhnWOTEVyyKlmsoi_7naWQsQxzQu1z6aEJVcblDu6KUt9QAr0qq4LMps7Ql6h1_1WI1XxsleX8qjtvnzZqG-gvRY1iH1opOmMR0oVzP-WfY16DCMIriiJeqB47AA3OcTs4VJ8choJBK1BlciYRyatmdrASwMMtePE8cQdnAvDeN0r5RLDqlFGjy0Mmyh8FDs_VWpQ11oVIrkNg_RMOR8BGsYGYeelqDmyc6hs6RLfNXQj2nU48obw7n9EVOcOvX7GyABAY9_taPMIHdfwgg', + 'eyJraWQiOiJkZWZhdWx0UlNBU2lnbiIsInR5cCI6ImVudGl0eS1zdGF0ZW1lbnQrand0IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiLCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoic2lnIiwia2lkIjoiTVhhb01Lb3FiMjBNUDBNVmJEVGRsSGJpRTBPSWpDcmJoR055MVlZc3lyTSIsImFsZyI6IlJTMjU2IiwibiI6IjBCVFA0QUNnLUtUNmVOZEFocjEtcGE3Nmx1alhWM1dpWGwwdzROX215ajRxMHpnYVpPRDFjNUk3MjQtZzBfTkhpMjJxQmoxSXUtTUdKUVZrbGZELWVzSzFGWjJybmRSaWFiNVRkTXA0YzF5eS10a2lRTTdhZkp3elc3MERpb1YxaVNtZk9RNEhIMDlBLWRhbElaX0lBOFBxZXE4VHliZHBnUXN0TkFwM0ZOMGNNb0hILVdhZ0ZRR2lWMkEySDNzVWh2UVYyT19FQ0VaWENvTExHNkVzVVJzaEtweU93WDkwN05NSzdROVI5VU9CeldhQkpxUGstY21tbTlpWlRnVDg2QV9CY1MwdVpZeTdFT1lCM0VrYkNNQ2lHbDBGY29BbUYtT3hvc2RUYnRZb2FWa1c3UHlnQ1ZtZG16dGMwX0NWc1dhbUxvVlBTc2NxRmgtRVhITXh0dyJ9XX0sIm1ldGFkYXRhX3BvbGljeSI6eyJvcGVuaWRfcmVseWluZ19wYXJ0eSI6eyJjbGllbnRfcmVnaXN0cmF0aW9uX3R5cGVzIjp7InN1YnNldF9vZiI6WyJhdXRvbWF0aWMiXSwiZXNzZW50aWFsIjp0cnVlfSwiZ3JhbnRfdHlwZXMiOnsic3VwZXJzZXRfb2YiOlsiYXV0aG9yaXphdGlvbl9jb2RlIl0sInN1YnNldF9vZiI6WyJhdXRob3JpemF0aW9uX2NvZGUiLCJyZWZyZXNoX3Rva2VuIl19LCJpZF90b2tlbl9lbmNyeXB0ZWRfcmVzcG9uc2VfYWxnIjp7Im9uZV9vZiI6WyJSU0EtT0FFUCIsIlJTQS1PQUVQLTI1NiIsIkVDREgtRVMiLCJFQ0RILUVTK0ExMjhLVyIsIkVDREgtRVMrQTI1NktXIl0sImVzc2VudGlhbCI6ZmFsc2V9LCJpZF90b2tlbl9lbmNyeXB0ZWRfcmVzcG9uc2VfZW5jIjp7Im9uZV9vZiI6WyJBMTI4Q0JDLUhTMjU2IiwiQTI1NkNCQy1IUzUxMiJdLCJlc3NlbnRpYWwiOmZhbHNlfSwidXNlcmluZm9fZW5jcnlwdGVkX3Jlc3BvbnNlX2VuYyI6eyJvbmVfb2YiOlsiQTEyOENCQy1IUzI1NiIsIkEyNTZDQkMtSFM1MTIiXSwiZXNzZW50aWFsIjp0cnVlfSwidXNlcmluZm9fZW5jcnlwdGVkX3Jlc3BvbnNlX2FsZyI6eyJvbmVfb2YiOlsiUlNBLU9BRVAiLCJSU0EtT0FFUC0yNTYiLCJFQ0RILUVTIiwiRUNESC1FUytBMTI4S1ciLCJFQ0RILUVTK0EyNTZLVyJdLCJlc3NlbnRpYWwiOnRydWV9LCJyZWRpcmVjdF91cmlzIjp7ImVzc2VudGlhbCI6dHJ1ZX0sInVzZXJpbmZvX3NpZ25lZF9yZXNwb25zZV9hbGciOnsib25lX29mIjpbIlJTMjU2IiwiUlM1MTIiLCJFUzI1NiIsIkVTNTEyIiwiUFMyNTYiLCJQUzUxMiJdLCJlc3NlbnRpYWwiOnRydWV9LCJ0b2tlbl9lbmRwb2ludF9hdXRoX21ldGhvZCI6eyJvbmVfb2YiOlsicHJpdmF0ZV9rZXlfand0Il0sImVzc2VudGlhbCI6dHJ1ZX0sImNsaWVudF9pZCI6eyJlc3NlbnRpYWwiOnRydWV9LCJpZF90b2tlbl9zaWduZWRfcmVzcG9uc2VfYWxnIjp7Im9uZV9vZiI6WyJSUzI1NiIsIlJTNTEyIiwiRVMyNTYiLCJFUzUxMiIsIlBTMjU2IiwiUFM1MTIiXSwiZXNzZW50aWFsIjp0cnVlfSwicmVzcG9uc2VfdHlwZXMiOnsidmFsdWUiOlsiY29kZSJdfX19LCJpc3MiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCIsImV4cCI6MTcyODM0NjcwNSwiaWF0IjoxNzI4MzQ0OTA1LCJjb25zdHJhaW50cyI6eyJhbGxvd2VkX2xlYWZfZW50aXR5X3R5cGVzIjpbIm9wZW5pZF9yZWx5aW5nX3BhcnR5Il19LCJ0cnVzdF9tYXJrcyI6W3sidHJ1c3RfbWFyayI6ImV5SnJhV1FpT2lKa1pXWmhkV3gwVWxOQlUybG5iaUlzSW5SNWNDSTZJblJ5ZFhOMExXMWhjbXNyYW5kMElpd2lZV3huSWpvaVVsTXlOVFlpZlEuZXlKemRXSWlPaUpvZEhSd2N6b3ZMM053YVdRdWQySnpjeTVwZEM5VGNHbGtMMjlwWkdNdmMyRWlMQ0p6WVY5d2NtOW1hV3hsSWpvaVcxd2lablZzYkZ3aVhTSXNJbWx6Y3lJNkltaDBkSEJ6T2k4dmIybGtZeTV5WldkcGMzUnllUzV6WlhKMmFYcHBZMmxsTG1sdWRHVnlibTh1WjI5MkxtbDBJaXdpYjNKbllXNXBlbUYwYVc5dVgzUjVjR1VpT2lKd2NtbDJZWFJsSWl3aWFXUWlPaUpvZEhSd2N6b3ZMMjlwWkdNdWNtVm5hWE4wY25rdWMyVnlkbWw2YVdOcFpTNXBiblJsY201dkxtZHZkaTVwZEM5cGJuUmxjbTFsWkdsaGRHVXZjSEpwZG1GMFpTSXNJbVY0Y0NJNk1UYzFPRE0yTnpJd01Td2lhV0YwSWpveE56STJPRE14TWpBeGZRLkNRX3ZfQnZVbWxoUXZHb1Q2NjA1aEpIcjZic29FYTMtYlJpcjZfUDFNcy1FeGM4UVJlX0d1VzlmYzFEb1RGSTFrenBoZjlBUExYbF93MVlzU3ZIVGV6NndtY1hNcXEwT0NfVTZPVUVLZDlleUR4c1V6SmJUSGZ5UEtUTkxWQmJiSW5pZzRRdjA3YUE0Qnk5ZlNtTDRfWnV1ZnRLUFhkUmZVUmJNZUxkcEhsWi1HU1JjUkxRd2MzS190bjhfUzR0Y0hONGFDWWxIWWU5cWxyMjJZNHZmdHpsZWY2ZmFKelhTX1gwRzQtZmgxc3BteE1VR1k1UGR2QlhsS0pJZGtMdTZXTU9NVGF1clBLT1VTakFJZ3pMbUxzWTF0NDhPYlcxZHlULUNfS19CelZYTkdTblpsck5XWFJmSWxsb3BmTUZtRzJwb2FpdjgyZkVCV3FseFZSSnVKdyIsImlzcyI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiaWQiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9pbnRlcm1lZGlhdGUvcHJpdmF0ZSJ9XX0.JSID34FwkJ3nc83WHZL60z8tsVCE5SE6NR9yGwroEqIyI5TBmE2DDSbO87LGkiNkDIJ4ANo-fwBRLkXkdKVtf2QfKKzX7fsTihETekIBP9XA1RfFRDMYUKyHI5b-4cQIQxWHTnnjdm-9byT8FK8Pw8eC3QNc38KbJvR1CcdCVFVBQ1GFumTe1DOhkARbFg3rT_w8RjH_PhuRmUDUQyTBQwDHdFydb_TZpgzvSmHUjjvB2qJT109DGV4s-aFwj5bUn9YRazWlNDo78PFS0lJk16bLGEP5YRrXL_lGSxSEUta-BQEoJ2CR9QsBCW8L1HJoRywx61nWSC1wsCAxJlR4eg', + 'eyJraWQiOiJkZWZhdWx0UlNBU2lnbiIsInR5cCI6ImVudGl0eS1zdGF0ZW1lbnQrand0IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCIsIm1ldGFkYXRhIjp7ImZlZGVyYXRpb25fZW50aXR5Ijp7ImZlZGVyYXRpb25fZmV0Y2hfZW5kcG9pbnQiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9mZXRjaCIsImZlZGVyYXRpb25fcmVzb2x2ZV9lbmRwb2ludCI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0L3Jlc29sdmUiLCJmZWRlcmF0aW9uX3RydXN0X21hcmtfc3RhdHVzX2VuZHBvaW50IjoiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvdHJ1c3RfbWFya19zdGF0dXMiLCJmZWRlcmF0aW9uX2xpc3RfZW5kcG9pbnQiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9saXN0In19LCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoic2lnIiwia2lkIjoiZGVmYXVsdFJTQVNpZ24iLCJuIjoicVJUSkhRZ2IyZjhjbG45ZEpiLVdnaWs0cUVMNUdHX19zUHpsQVU0aTY5UzZ5SHhlTWczMllnTGZVenBOQnhfOGtYMm5kellYTV9SS21vM2poalF4dXhDSzFJSFNRY01rZzFoR2lpLXhSdzh4NDV0OFNHbFdjU0hpN182UmFBWTFTeUZjRUVsTkFxSGk1b2VCYUIzRkd2ZnJWLUVQLWNOa1V2R0VWYnlzX0NieHlHRFE5UU0wTkVyc2lsVmxNQVJERXJFTlpjclkwck5LdDUyV29aZ3kzcHNWY2Q4VTVEMExxZkM3N2JQakczNVBhVmh3WUFubFAwZXowSGY2dHV5V0pIZUE1MmRDZGUtbmEzV2ptUGFya2NscEZyLUtqWGVJQzhCd2ZqRXBBWGJLY3A4Tm11UUZqOWZEOUtuUjZ2Q2RPOTFSeUJJYkRsdUw1TEg4czBxRENRIn0seyJrdHkiOiJFQyIsInVzZSI6InNpZyIsImNydiI6IlAtMjU2Iiwia2lkIjoiZGVmYXVsdEVDU2lnbiIsIngiOiJ4TWtXSWExRVp5amdtazNKUUx0SERBOXAwVHBQOXdNU2JKSzBvQWl0Z2NrIiwieSI6IkNWTEZzdE93S3d0UXJ1dF92b0hqWU82SnoxSzBOWFJ1OE9MQ1RtS29zTGcifSx7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoiZW5jIiwia2lkIjoiZGVmYXVsdFJTQUVuYyIsIm4iOiJ3ZXcyMnhjcGZBU2tRUXA3U09vX0dzNmNLajJYeTd4VlpLX3RnWnh6QXlReExTeG01c1U0WkdzNm1kSUFIZEV2UTkxU25FSFR0anBlQVM5d0N2TlhWbVZ4TklqRkFQSnpDWXBzZkZ4R3pXMVBSM1NDQmVLUFl6VWpTeUJTZWw1LW1Td1U4MHlZQXFPbFoxUVJaTlFJNUVTVXZOUG9lUEZqR0NvZnhuRlJzbXF5X21Bd1p5bmQyTnJyc1QyQXlwMEw2UFF3ei1Fa09oakVCcHpzeXEwcE11am5aRWZ2UHk5UC1YdjJTVUZMZUpQcm1jRHllNjRaMlk5V1BoMmpwa25oT3hESzhSTUwtMllUdmI0dVNPalowWFpPVzltVm9nTkpSSm0yemVQVGVlTFBxR2x1TGNEenBsYnkwbkxiTGpkWDdLM29MYnFoRGFld2o3VnJhS2Vtc1EifV19LCJ0cnVzdF9tYXJrX2lzc3VlcnMiOnsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb2F1dGhfcmVzb3VyY2UvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcHJvdmlkZXIvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vYXV0aF9yZXNvdXJjZS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiLCJodHRwczovL2NvaGVzaW9uMi5yZWdpb25lLm1hcmNoZS5pdC9vaWRjL3NhLyIsImh0dHBzOi8vYXV0aC50b3NjYW5hLml0L2F1dGgvcmVhbG1zL2VudGkvZmVkZXJhdGlvbi1lbnRpdHkvcl90b3NjYW5fc2FfZW50aSIsImh0dHBzOi8vYXV0ZW50aWNhemlvbmUuY2xvdWQucHJvdmluY2lhLnRuLml0L2FnZ3JlZ2F0b3JlIiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3ByaXZhdGUiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb3BlbmlkX3Byb3ZpZGVyL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wcml2YXRlIjpbImh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXX0sImlzcyI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiZXhwIjoxNzI4NDI4MDI1LCJpYXQiOjE3MjgzNDE2MjUsImNvbnN0cmFpbnRzIjp7Im1heF9wYXRoX2xlbmd0aCI6MX0sInRydXN0X21hcmtzX2lzc3VlcnMiOnsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb2F1dGhfcmVzb3VyY2UvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcHJvdmlkZXIvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vYXV0aF9yZXNvdXJjZS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiLCJodHRwczovL2NvaGVzaW9uMi5yZWdpb25lLm1hcmNoZS5pdC9vaWRjL3NhLyIsImh0dHBzOi8vYXV0aC50b3NjYW5hLml0L2F1dGgvcmVhbG1zL2VudGkvZmVkZXJhdGlvbi1lbnRpdHkvcl90b3NjYW5fc2FfZW50aSIsImh0dHBzOi8vYXV0ZW50aWNhemlvbmUuY2xvdWQucHJvdmluY2lhLnRuLml0L2FnZ3JlZ2F0b3JlIiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3ByaXZhdGUiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb3BlbmlkX3Byb3ZpZGVyL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wcml2YXRlIjpbImh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXX19.QVndoAzYG4-r-f1mq2szTurjN4IWG5GN6aUBeIm6k5EXOdjEa2oOmP8iANBjCFWF6eNPNN2t342pBpb6-46o9kJv9MxyWASIaBkOv_X8RJGEgv2ghDLLnfOLv4R6J9XH9IIsQPzjlezgWJYk61ukfYN7kWA_aIT5Hf42zEU14V5kLbl50r8wjgJVRwmSBsDLKsWbOnbzfkiKv4druFhfhDZjiyBeCjYajh9MFYdAR1awYihNM-JVib89Z7XgOqxq4qGogPt_XU-YMuf917lw4kpphPRoUe1QIoj1KXfgbpJUdgiLMlXQoBl57Ej3b1mVWgEkC6oKjNyNvZR57Kx8AQ', + ]), + ) + }) + + it('should build trust chain 2', async () => { + nockSetup() + const trustChain = await agent.resolveTrustChain({ + entityIdentifier: 'https://spid.wbss.it/Spid/oidc/sa', + trustAnchors: ['https://oidc.registry.servizicie.interno.gov.it'], + }) + + expect(trustChain).not.toBeNull() + expect(trustChain).toHaveLength(3) + + expect(trustChain).toEqual( + expect.arrayContaining([ + 'eyJraWQiOiJNWGFvTUtvcWIyME1QME1WYkRUZGxIYmlFME9JakNyYmhHTnkxWVlzeXJNIiwidHlwIjoiZW50aXR5LXN0YXRlbWVudCtqd3QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiLCJtZXRhZGF0YSI6eyJmZWRlcmF0aW9uX2VudGl0eSI6eyJob21lcGFnZV91cmkiOiJodHRwczovL3d3dy53YnNzLml0IiwibG9nb191cmkiOiJodHRwczovL3d3dy53YnNzLml0L2xvZ28iLCJvcmdhbml6YXRpb25fbmFtZSI6IlcuQi5TLlMuIFdlYiBCYXNlZCBTb2Z0d2FyZSBTb2x1dGlvbiBkaSBCYXR0aXN0aSBBbGVzc2FuZHJvIiwiZmVkZXJhdGlvbl9mZXRjaF9lbmRwb2ludCI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYS9mZXRjaCIsImNvbnRhY3RzIjpbIndic3NAcGVjLml0Il0sImZlZGVyYXRpb25fdHJ1c3RfbWFya19zdGF0dXNfZW5kcG9pbnQiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EvdHJ1c3RfbWFya19zdGF0dXMiLCJmZWRlcmF0aW9uX3Jlc29sdmVfZW5kcG9pbnQiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EvcmVzb2x2ZSIsInBvbGljeV91cmkiOiJodHRwczovL3d3dy53YnNzLml0L3BvbGljeSIsImZlZGVyYXRpb25fbGlzdF9lbmRwb2ludCI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYS9saXN0In19LCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwiYWxnIjoiUlMyNTYiLCJ1c2UiOiJzaWciLCJuIjoiMEJUUDRBQ2ctS1Q2ZU5kQWhyMS1wYTc2bHVqWFYzV2lYbDB3NE5fbXlqNHEwemdhWk9EMWM1STcyNC1nMF9OSGkyMnFCajFJdS1NR0pRVmtsZkQtZXNLMUZaMnJuZFJpYWI1VGRNcDRjMXl5LXRraVFNN2FmSnd6VzcwRGlvVjFpU21mT1E0SEgwOUEtZGFsSVpfSUE4UHFlcThUeWJkcGdRc3ROQXAzRk4wY01vSEgtV2FnRlFHaVYyQTJIM3NVaHZRVjJPX0VDRVpYQ29MTEc2RXNVUnNoS3B5T3dYOTA3Tk1LN1E5UjlVT0J6V2FCSnFQay1jbW1tOWlaVGdUODZBX0JjUzB1Wll5N0VPWUIzRWtiQ01DaUdsMEZjb0FtRi1PeG9zZFRidFlvYVZrVzdQeWdDVm1kbXp0YzBfQ1ZzV2FtTG9WUFNzY3FGaC1FWEhNeHR3Iiwia2lkIjoiTVhhb01Lb3FiMjBNUDBNVmJEVGRsSGJpRTBPSWpDcmJoR055MVlZc3lyTSJ9XX0sImlzcyI6Imh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImF1dGhvcml0eV9oaW50cyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJleHAiOjE3MjgzNDU4MTksImlhdCI6MTcyODM0NDAxOSwidHJ1c3RfbWFya3MiOlt7InRydXN0X21hcmsiOiJleUpyYVdRaU9pSmtaV1poZFd4MFVsTkJVMmxuYmlJc0luUjVjQ0k2SW5SeWRYTjBMVzFoY21zcmFuZDBJaXdpWVd4bklqb2lVbE15TlRZaWZRLmV5SnpkV0lpT2lKb2RIUndjem92TDNOd2FXUXVkMkp6Y3k1cGRDOVRjR2xrTDI5cFpHTXZjMkVpTENKellWOXdjbTltYVd4bElqb2lXMXdpWm5Wc2JGd2lYU0lzSW1semN5STZJbWgwZEhCek9pOHZiMmxrWXk1eVpXZHBjM1J5ZVM1elpYSjJhWHBwWTJsbExtbHVkR1Z5Ym04dVoyOTJMbWwwSWl3aWIzSm5ZVzVwZW1GMGFXOXVYM1I1Y0dVaU9pSndjbWwyWVhSbElpd2lhV1FpT2lKb2RIUndjem92TDI5cFpHTXVjbVZuYVhOMGNua3VjMlZ5ZG1sNmFXTnBaUzVwYm5SbGNtNXZMbWR2ZGk1cGRDOXBiblJsY20xbFpHbGhkR1V2Y0hKcGRtRjBaU0lzSW1WNGNDSTZNVGMxT0RNMk56SXdNU3dpYVdGMElqb3hOekkyT0RNeE1qQXhmUS5DUV92X0J2VW1saFF2R29UNjYwNWhKSHI2YnNvRWEzLWJSaXI2X1AxTXMtRXhjOFFSZV9HdVc5ZmMxRG9URkkxa3pwaGY5QVBMWGxfdzFZc1N2SFRlejZ3bWNYTXFxME9DX1U2T1VFS2Q5ZXlEeHNVekpiVEhmeVBLVE5MVkJiYkluaWc0UXYwN2FBNEJ5OWZTbUw0X1p1dWZ0S1BYZFJmVVJiTWVMZHBIbFotR1NSY1JMUXdjM0tfdG44X1M0dGNITjRhQ1lsSFllOXFscjIyWTR2ZnR6bGVmNmZhSnpYU19YMEc0LWZoMXNwbXhNVUdZNVBkdkJYbEtKSWRrTHU2V01PTVRhdXJQS09VU2pBSWd6TG1Mc1kxdDQ4T2JXMWR5VC1DX0tfQnpWWE5HU25abHJOV1hSZklsbG9wZk1GbUcycG9haXY4MmZFQldxbHhWUkp1SnciLCJpc3MiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCIsImlkIjoiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3ByaXZhdGUifV19.WntR_8uHdSsf7DV0Q8NQLTpO44qGWGNp7OoM4d4YfF1bjKXBTVTuWXD_4kAxIL7RAPlqFRDX7ULs47Q9eDISvmXx_pyY2izydKEsUnCKNZBCi0OvYZcFikFPT-LWw2jXjWD60x3WVoM0Bvjsh1k9xs6YVN5auIdmmmAfiRjEmfNRdH_aWhXXJieNQ67pfmn7lqGz2ZOS_B7weQbfZEYWBUMAq0WDpDmatWJhrBb4alGpvvRmntEI7Y_JWlnHdtmh7JMJFwWA6V76zxG-pKI6aivS4FA9QGIcJvUqjVOPXCQW-DUirRGPHBO2Hz_lBUpWqAdW25WOn11P36nDOTqNkA', + 'eyJraWQiOiJkZWZhdWx0UlNBU2lnbiIsInR5cCI6ImVudGl0eS1zdGF0ZW1lbnQrand0IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJodHRwczovL3NwaWQud2Jzcy5pdC9TcGlkL29pZGMvc2EiLCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoic2lnIiwia2lkIjoiTVhhb01Lb3FiMjBNUDBNVmJEVGRsSGJpRTBPSWpDcmJoR055MVlZc3lyTSIsImFsZyI6IlJTMjU2IiwibiI6IjBCVFA0QUNnLUtUNmVOZEFocjEtcGE3Nmx1alhWM1dpWGwwdzROX215ajRxMHpnYVpPRDFjNUk3MjQtZzBfTkhpMjJxQmoxSXUtTUdKUVZrbGZELWVzSzFGWjJybmRSaWFiNVRkTXA0YzF5eS10a2lRTTdhZkp3elc3MERpb1YxaVNtZk9RNEhIMDlBLWRhbElaX0lBOFBxZXE4VHliZHBnUXN0TkFwM0ZOMGNNb0hILVdhZ0ZRR2lWMkEySDNzVWh2UVYyT19FQ0VaWENvTExHNkVzVVJzaEtweU93WDkwN05NSzdROVI5VU9CeldhQkpxUGstY21tbTlpWlRnVDg2QV9CY1MwdVpZeTdFT1lCM0VrYkNNQ2lHbDBGY29BbUYtT3hvc2RUYnRZb2FWa1c3UHlnQ1ZtZG16dGMwX0NWc1dhbUxvVlBTc2NxRmgtRVhITXh0dyJ9XX0sIm1ldGFkYXRhX3BvbGljeSI6eyJvcGVuaWRfcmVseWluZ19wYXJ0eSI6eyJjbGllbnRfcmVnaXN0cmF0aW9uX3R5cGVzIjp7InN1YnNldF9vZiI6WyJhdXRvbWF0aWMiXSwiZXNzZW50aWFsIjp0cnVlfSwiZ3JhbnRfdHlwZXMiOnsic3VwZXJzZXRfb2YiOlsiYXV0aG9yaXphdGlvbl9jb2RlIl0sInN1YnNldF9vZiI6WyJhdXRob3JpemF0aW9uX2NvZGUiLCJyZWZyZXNoX3Rva2VuIl19LCJpZF90b2tlbl9lbmNyeXB0ZWRfcmVzcG9uc2VfYWxnIjp7Im9uZV9vZiI6WyJSU0EtT0FFUCIsIlJTQS1PQUVQLTI1NiIsIkVDREgtRVMiLCJFQ0RILUVTK0ExMjhLVyIsIkVDREgtRVMrQTI1NktXIl0sImVzc2VudGlhbCI6ZmFsc2V9LCJpZF90b2tlbl9lbmNyeXB0ZWRfcmVzcG9uc2VfZW5jIjp7Im9uZV9vZiI6WyJBMTI4Q0JDLUhTMjU2IiwiQTI1NkNCQy1IUzUxMiJdLCJlc3NlbnRpYWwiOmZhbHNlfSwidXNlcmluZm9fZW5jcnlwdGVkX3Jlc3BvbnNlX2VuYyI6eyJvbmVfb2YiOlsiQTEyOENCQy1IUzI1NiIsIkEyNTZDQkMtSFM1MTIiXSwiZXNzZW50aWFsIjp0cnVlfSwidXNlcmluZm9fZW5jcnlwdGVkX3Jlc3BvbnNlX2FsZyI6eyJvbmVfb2YiOlsiUlNBLU9BRVAiLCJSU0EtT0FFUC0yNTYiLCJFQ0RILUVTIiwiRUNESC1FUytBMTI4S1ciLCJFQ0RILUVTK0EyNTZLVyJdLCJlc3NlbnRpYWwiOnRydWV9LCJyZWRpcmVjdF91cmlzIjp7ImVzc2VudGlhbCI6dHJ1ZX0sInVzZXJpbmZvX3NpZ25lZF9yZXNwb25zZV9hbGciOnsib25lX29mIjpbIlJTMjU2IiwiUlM1MTIiLCJFUzI1NiIsIkVTNTEyIiwiUFMyNTYiLCJQUzUxMiJdLCJlc3NlbnRpYWwiOnRydWV9LCJ0b2tlbl9lbmRwb2ludF9hdXRoX21ldGhvZCI6eyJvbmVfb2YiOlsicHJpdmF0ZV9rZXlfand0Il0sImVzc2VudGlhbCI6dHJ1ZX0sImNsaWVudF9pZCI6eyJlc3NlbnRpYWwiOnRydWV9LCJpZF90b2tlbl9zaWduZWRfcmVzcG9uc2VfYWxnIjp7Im9uZV9vZiI6WyJSUzI1NiIsIlJTNTEyIiwiRVMyNTYiLCJFUzUxMiIsIlBTMjU2IiwiUFM1MTIiXSwiZXNzZW50aWFsIjp0cnVlfSwicmVzcG9uc2VfdHlwZXMiOnsidmFsdWUiOlsiY29kZSJdfX19LCJpc3MiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCIsImV4cCI6MTcyODM0NjcwNSwiaWF0IjoxNzI4MzQ0OTA1LCJjb25zdHJhaW50cyI6eyJhbGxvd2VkX2xlYWZfZW50aXR5X3R5cGVzIjpbIm9wZW5pZF9yZWx5aW5nX3BhcnR5Il19LCJ0cnVzdF9tYXJrcyI6W3sidHJ1c3RfbWFyayI6ImV5SnJhV1FpT2lKa1pXWmhkV3gwVWxOQlUybG5iaUlzSW5SNWNDSTZJblJ5ZFhOMExXMWhjbXNyYW5kMElpd2lZV3huSWpvaVVsTXlOVFlpZlEuZXlKemRXSWlPaUpvZEhSd2N6b3ZMM053YVdRdWQySnpjeTVwZEM5VGNHbGtMMjlwWkdNdmMyRWlMQ0p6WVY5d2NtOW1hV3hsSWpvaVcxd2lablZzYkZ3aVhTSXNJbWx6Y3lJNkltaDBkSEJ6T2k4dmIybGtZeTV5WldkcGMzUnllUzV6WlhKMmFYcHBZMmxsTG1sdWRHVnlibTh1WjI5MkxtbDBJaXdpYjNKbllXNXBlbUYwYVc5dVgzUjVjR1VpT2lKd2NtbDJZWFJsSWl3aWFXUWlPaUpvZEhSd2N6b3ZMMjlwWkdNdWNtVm5hWE4wY25rdWMyVnlkbWw2YVdOcFpTNXBiblJsY201dkxtZHZkaTVwZEM5cGJuUmxjbTFsWkdsaGRHVXZjSEpwZG1GMFpTSXNJbVY0Y0NJNk1UYzFPRE0yTnpJd01Td2lhV0YwSWpveE56STJPRE14TWpBeGZRLkNRX3ZfQnZVbWxoUXZHb1Q2NjA1aEpIcjZic29FYTMtYlJpcjZfUDFNcy1FeGM4UVJlX0d1VzlmYzFEb1RGSTFrenBoZjlBUExYbF93MVlzU3ZIVGV6NndtY1hNcXEwT0NfVTZPVUVLZDlleUR4c1V6SmJUSGZ5UEtUTkxWQmJiSW5pZzRRdjA3YUE0Qnk5ZlNtTDRfWnV1ZnRLUFhkUmZVUmJNZUxkcEhsWi1HU1JjUkxRd2MzS190bjhfUzR0Y0hONGFDWWxIWWU5cWxyMjJZNHZmdHpsZWY2ZmFKelhTX1gwRzQtZmgxc3BteE1VR1k1UGR2QlhsS0pJZGtMdTZXTU9NVGF1clBLT1VTakFJZ3pMbUxzWTF0NDhPYlcxZHlULUNfS19CelZYTkdTblpsck5XWFJmSWxsb3BmTUZtRzJwb2FpdjgyZkVCV3FseFZSSnVKdyIsImlzcyI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiaWQiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9pbnRlcm1lZGlhdGUvcHJpdmF0ZSJ9XX0.JSID34FwkJ3nc83WHZL60z8tsVCE5SE6NR9yGwroEqIyI5TBmE2DDSbO87LGkiNkDIJ4ANo-fwBRLkXkdKVtf2QfKKzX7fsTihETekIBP9XA1RfFRDMYUKyHI5b-4cQIQxWHTnnjdm-9byT8FK8Pw8eC3QNc38KbJvR1CcdCVFVBQ1GFumTe1DOhkARbFg3rT_w8RjH_PhuRmUDUQyTBQwDHdFydb_TZpgzvSmHUjjvB2qJT109DGV4s-aFwj5bUn9YRazWlNDo78PFS0lJk16bLGEP5YRrXL_lGSxSEUta-BQEoJ2CR9QsBCW8L1HJoRywx61nWSC1wsCAxJlR4eg', + 'eyJraWQiOiJkZWZhdWx0UlNBU2lnbiIsInR5cCI6ImVudGl0eS1zdGF0ZW1lbnQrand0IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCIsIm1ldGFkYXRhIjp7ImZlZGVyYXRpb25fZW50aXR5Ijp7ImZlZGVyYXRpb25fZmV0Y2hfZW5kcG9pbnQiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9mZXRjaCIsImZlZGVyYXRpb25fcmVzb2x2ZV9lbmRwb2ludCI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0L3Jlc29sdmUiLCJmZWRlcmF0aW9uX3RydXN0X21hcmtfc3RhdHVzX2VuZHBvaW50IjoiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvdHJ1c3RfbWFya19zdGF0dXMiLCJmZWRlcmF0aW9uX2xpc3RfZW5kcG9pbnQiOiJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9saXN0In19LCJqd2tzIjp7ImtleXMiOlt7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoic2lnIiwia2lkIjoiZGVmYXVsdFJTQVNpZ24iLCJuIjoicVJUSkhRZ2IyZjhjbG45ZEpiLVdnaWs0cUVMNUdHX19zUHpsQVU0aTY5UzZ5SHhlTWczMllnTGZVenBOQnhfOGtYMm5kellYTV9SS21vM2poalF4dXhDSzFJSFNRY01rZzFoR2lpLXhSdzh4NDV0OFNHbFdjU0hpN182UmFBWTFTeUZjRUVsTkFxSGk1b2VCYUIzRkd2ZnJWLUVQLWNOa1V2R0VWYnlzX0NieHlHRFE5UU0wTkVyc2lsVmxNQVJERXJFTlpjclkwck5LdDUyV29aZ3kzcHNWY2Q4VTVEMExxZkM3N2JQakczNVBhVmh3WUFubFAwZXowSGY2dHV5V0pIZUE1MmRDZGUtbmEzV2ptUGFya2NscEZyLUtqWGVJQzhCd2ZqRXBBWGJLY3A4Tm11UUZqOWZEOUtuUjZ2Q2RPOTFSeUJJYkRsdUw1TEg4czBxRENRIn0seyJrdHkiOiJFQyIsInVzZSI6InNpZyIsImNydiI6IlAtMjU2Iiwia2lkIjoiZGVmYXVsdEVDU2lnbiIsIngiOiJ4TWtXSWExRVp5amdtazNKUUx0SERBOXAwVHBQOXdNU2JKSzBvQWl0Z2NrIiwieSI6IkNWTEZzdE93S3d0UXJ1dF92b0hqWU82SnoxSzBOWFJ1OE9MQ1RtS29zTGcifSx7Imt0eSI6IlJTQSIsImUiOiJBUUFCIiwidXNlIjoiZW5jIiwia2lkIjoiZGVmYXVsdFJTQUVuYyIsIm4iOiJ3ZXcyMnhjcGZBU2tRUXA3U09vX0dzNmNLajJYeTd4VlpLX3RnWnh6QXlReExTeG01c1U0WkdzNm1kSUFIZEV2UTkxU25FSFR0anBlQVM5d0N2TlhWbVZ4TklqRkFQSnpDWXBzZkZ4R3pXMVBSM1NDQmVLUFl6VWpTeUJTZWw1LW1Td1U4MHlZQXFPbFoxUVJaTlFJNUVTVXZOUG9lUEZqR0NvZnhuRlJzbXF5X21Bd1p5bmQyTnJyc1QyQXlwMEw2UFF3ei1Fa09oakVCcHpzeXEwcE11am5aRWZ2UHk5UC1YdjJTVUZMZUpQcm1jRHllNjRaMlk5V1BoMmpwa25oT3hESzhSTUwtMllUdmI0dVNPalowWFpPVzltVm9nTkpSSm0yemVQVGVlTFBxR2x1TGNEenBsYnkwbkxiTGpkWDdLM29MYnFoRGFld2o3VnJhS2Vtc1EifV19LCJ0cnVzdF9tYXJrX2lzc3VlcnMiOnsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb2F1dGhfcmVzb3VyY2UvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcHJvdmlkZXIvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vYXV0aF9yZXNvdXJjZS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiLCJodHRwczovL2NvaGVzaW9uMi5yZWdpb25lLm1hcmNoZS5pdC9vaWRjL3NhLyIsImh0dHBzOi8vYXV0aC50b3NjYW5hLml0L2F1dGgvcmVhbG1zL2VudGkvZmVkZXJhdGlvbi1lbnRpdHkvcl90b3NjYW5fc2FfZW50aSIsImh0dHBzOi8vYXV0ZW50aWNhemlvbmUuY2xvdWQucHJvdmluY2lhLnRuLml0L2FnZ3JlZ2F0b3JlIiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3ByaXZhdGUiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb3BlbmlkX3Byb3ZpZGVyL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wcml2YXRlIjpbImh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXX0sImlzcyI6Imh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiZXhwIjoxNzI4NDI4MDI1LCJpYXQiOjE3MjgzNDE2MjUsImNvbnN0cmFpbnRzIjp7Im1heF9wYXRoX2xlbmd0aCI6MX0sInRydXN0X21hcmtzX2lzc3VlcnMiOnsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb2F1dGhfcmVzb3VyY2UvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcHJvdmlkZXIvcHJpdmF0ZSI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vYXV0aF9yZXNvdXJjZS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wdWJsaWMiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiLCJodHRwczovL2NvaGVzaW9uMi5yZWdpb25lLm1hcmNoZS5pdC9vaWRjL3NhLyIsImh0dHBzOi8vYXV0aC50b3NjYW5hLml0L2F1dGgvcmVhbG1zL2VudGkvZmVkZXJhdGlvbi1lbnRpdHkvcl90b3NjYW5fc2FfZW50aSIsImh0dHBzOi8vYXV0ZW50aWNhemlvbmUuY2xvdWQucHJvdmluY2lhLnRuLml0L2FnZ3JlZ2F0b3JlIiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvaW50ZXJtZWRpYXRlL3ByaXZhdGUiOlsiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQiXSwiaHR0cHM6Ly9vaWRjLnJlZ2lzdHJ5LnNlcnZpemljaWUuaW50ZXJuby5nb3YuaXQvb3BlbmlkX3Byb3ZpZGVyL3B1YmxpYyI6WyJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdCJdLCJodHRwczovL29pZGMucmVnaXN0cnkuc2Vydml6aWNpZS5pbnRlcm5vLmdvdi5pdC9vcGVuaWRfcmVseWluZ19wYXJ0eS9wcml2YXRlIjpbImh0dHBzOi8vb2lkYy5yZWdpc3RyeS5zZXJ2aXppY2llLmludGVybm8uZ292Lml0IiwiaHR0cHM6Ly9vaWRjc2Eud2VibG9vbS5pdCIsImh0dHBzOi8vc3BpZC53YnNzLml0L1NwaWQvb2lkYy9zYSIsImh0dHBzOi8vc2VjdXJlLmVyZW1pbmQuaXQvaWRlbnRpdGEtZGlnaXRhbGUtb2lkYy9vaWRjLWZlZCIsImh0dHBzOi8vY2llLW9pZGMuY29tdW5lLW9ubGluZS5pdC9BdXRoU2VydmljZU9JREMvb2lkYy9zYSIsImh0dHBzOi8vcGhwLWNpZS5hbmR4b3IuaXQiLCJodHRwczovL2xvZ2luLmFzZndlYi5pdC8iLCJodHRwczovL29pZGMuc3R1ZGlvYW1pY2EuY29tIiwiaHR0cHM6Ly9pZHAuZW50cmFuZXh0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9jd29sc3NvLm51dm9sYXBhbGl0YWxzb2Z0Lml0L3NlcnZpY2VzL29pZGMvc2Evc3NvIiwiaHR0cHM6Ly9mZWRlcmEubGVwaWRhLml0L2d3L09pZGNTYUZ1bGwvIiwiaHR0cHM6Ly93d3cuZXVyb2NvbnRhYi5pdC9hcGkiXX19.QVndoAzYG4-r-f1mq2szTurjN4IWG5GN6aUBeIm6k5EXOdjEa2oOmP8iANBjCFWF6eNPNN2t342pBpb6-46o9kJv9MxyWASIaBkOv_X8RJGEgv2ghDLLnfOLv4R6J9XH9IIsQPzjlezgWJYk61ukfYN7kWA_aIT5Hf42zEU14V5kLbl50r8wjgJVRwmSBsDLKsWbOnbzfkiKv4druFhfhDZjiyBeCjYajh9MFYdAR1awYihNM-JVib89Z7XgOqxq4qGogPt_XU-YMuf917lw4kpphPRoUe1QIoj1KXfgbpJUdgiLMlXQoBl57Ej3b1mVWgEkC6oKjNyNvZR57Kx8AQ', + ]), + ) + }) + }) +} diff --git a/packages/oidf-client/agent.yml b/packages/oidf-client/agent.yml new file mode 100644 index 000000000..2394cbe0a --- /dev/null +++ b/packages/oidf-client/agent.yml @@ -0,0 +1,76 @@ +version: 3.0 + +constants: + baseUrl: http://localhost:3335 + port: 3335 + # please use your own X25519 key, this is only an example + secretKey: 29739248cad1bd1a0fc4d9b75cd4d2990de535baf5caadfdf8d8f86664aa830c + methods: + - resolveTrustChain + - signJwt + - verifyJwt + +server: + baseUrl: + $ref: /constants/baseUrl + port: + $ref: /constants/port + use: + # CORS + - - $require: 'cors' + + # Add agent to the request object + - - $require: '@veramo/remote-server?t=function#RequestWithAgentRouter' + $args: + - agent: + $ref: /agent + + # API base path + - - /agent + - $require: '@veramo/remote-server?t=function#apiKeyAuth' + $args: + # Please configure your own API key. This is used when executing agent methods through ${baseUrl}/agent or ${baseUrl}/api-docs + - apiKey: test123 + - $require: '@veramo/remote-server?t=function#AgentRouter' + $args: + - exposedMethods: + $ref: /constants/methods + + # Open API schema + - - /open-api.json + - $require: '@veramo/remote-server?t=function#ApiSchemaRouter' + $args: + - basePath: :3335/agent + securityScheme: bearer + apiName: Agent + apiVersion: '1.0.0' + exposedMethods: + $ref: /constants/methods + + # Swagger docs + - - /api-docs + - $require: swagger-ui-express?t=object#serve + - $require: swagger-ui-express?t=function#setup + $args: + - null + - swaggerOptions: + url: '/open-api.json' + + # Execute during server initialization + init: + - $require: '@veramo/remote-server?t=function#createDefaultDid' + $args: + - agent: + $ref: /agent + baseUrl: + $ref: /constants/baseUrl + messagingServiceEndpoint: /messaging + +# Agent +agent: + $require: '@veramo/core#Agent' + $args: + - schemaValidation: false + plugins: + - $require: '@sphereon/ssi-sdk-ext.jwt-service#JwtService' + - $require: ./packages/oidf-client/dist#OIDFClient diff --git a/packages/oidf-client/api-extractor.json b/packages/oidf-client/api-extractor.json new file mode 100644 index 000000000..94c2c6a9f --- /dev/null +++ b/packages/oidf-client/api-extractor.json @@ -0,0 +1,3 @@ +{ + "extends": "../include/api-extractor-base.json" +} diff --git a/packages/oidf-client/package.json b/packages/oidf-client/package.json new file mode 100644 index 000000000..686c9a989 --- /dev/null +++ b/packages/oidf-client/package.json @@ -0,0 +1,52 @@ +{ + "name": "@sphereon/ssi-sdk.oidf-client", + "version": "0.30.1", + "source": "src/index.ts", + "main": "dist/index.js", + "types": "dist/index.d.ts", + "veramo": { + "pluginInterfaces": { + "IOIDFClient": "./src/types/IOIDFClient.ts" + } + }, + "scripts": { + "build": "tsc", + "build:clean": "tsc --build --clean && tsc --build", + "generate-plugin-schema": "ts-node ../../packages/dev/bin/sphereon.js dev generate-plugin-schema" + }, + "dependencies": { + "@sphereon/ssi-types": "workspace:*", + "@sphereon/openid-federation-open-api": "0.1.0-unstable.d8421f6", + "@sphereon/openid-federation-client": "0.1.0-unstable.d8421f6", + "@sphereon/openid-federation-common": "0.1.0-unstable.d8421f6", + "@sphereon/ssi-sdk-ext.jwt-service": "0.25.0" + }, + "devDependencies": { + "@sphereon/ssi-sdk.agent-config": "workspace:*", + "@veramo/remote-client": "4.2.0", + "@veramo/remote-server": "4.2.0", + "jose": "5.9.4", + "nock": "^13.5.5", + "cross-fetch": "^3.1.8" + }, + "files": [ + "dist/**/*", + "src/**/*", + "README.md", + "plugin.schema.json", + "LICENSE" + ], + "private": false, + "publishConfig": { + "access": "public" + }, + "repository": "git@github.com:Sphereon-Opensource/SSI-SDK.git", + "author": "Sphereon ", + "license": "Apache-2.0", + "keywords": [ + "Sphereon", + "SSI", + "Veramo", + "OpenID Federation" + ] +} diff --git a/packages/oidf-client/src/agent/OIDFClient.ts b/packages/oidf-client/src/agent/OIDFClient.ts new file mode 100644 index 000000000..45271ccf9 --- /dev/null +++ b/packages/oidf-client/src/agent/OIDFClient.ts @@ -0,0 +1,93 @@ +import {IAgentPlugin} from "@veramo/core"; +import { + CreateJwsCompactArgs, + IJwsValidationResult, + JwtCompactResult, + VerifyJwsArgs, +} from '@sphereon/ssi-sdk-ext.jwt-service' +import { + IOIDFClient, + OIDFClientArgs, + RequiredContext, + ResolveTrustChainArgs, + ResolveTrustChainCallbackResult +} from '../types/IOIDFClient'; +import {com} from '@sphereon/openid-federation-client'; +import {schema} from '../index'; +import FederationClient = com.sphereon.oid.fed.client.FederationClient; +import DefaultFetchJSImpl = com.sphereon.oid.fed.client.fetch.DefaultFetchJSImpl; +import DefaultTrustChainJSImpl = com.sphereon.oid.fed.client.trustchain.DefaultTrustChainJSImpl; +import DefaultCallbacks = com.sphereon.oid.fed.client.service.DefaultCallbacks; +import {JWK} from "@sphereon/ssi-types"; + +export const oidfClientMethods: Array = [ + 'resolveTrustChain', + 'signJwt', + 'verifyJwt' +] + +export class OIDFClient implements IAgentPlugin { + private oidfClient?: FederationClient + readonly schema = schema.IOIDFClient + + constructor(args?: OIDFClientArgs) { + const { cryptoServiceCallback } = { ...args } + + if (cryptoServiceCallback !== undefined && cryptoServiceCallback !== null) { + DefaultCallbacks.setCryptoServiceDefault(cryptoServiceCallback) + DefaultCallbacks.setFetchServiceDefault(new DefaultFetchJSImpl()) + // Depends on the crypto and fetch services, thus it must be the last one to be set + DefaultCallbacks.setTrustChainServiceDefault(new DefaultTrustChainJSImpl()) + this.oidfClient = new FederationClient() + } + } + + readonly methods: IOIDFClient = { + resolveTrustChain: this.resolveTrustChain.bind(this), + signJwt: this.signJwt.bind(this), + verifyJwt: this.verifyJwt.bind(this) + } + + private async resolveTrustChain(args: ResolveTrustChainArgs, context: RequiredContext): Promise { + const { entityIdentifier, trustAnchors } = args + this.checkAndSetDefaultCryptoService(context); + return await this.oidfClient?.resolveTrustChain(entityIdentifier, trustAnchors) + } + + private checkAndSetDefaultCryptoService(context: RequiredContext) { + if ((context.agent.jwtVerifyJwsSignature !== undefined && + context.agent.jwtVerifyJwsSignature !== null) && + (this.oidfClient === undefined || this.oidfClient === null)) { + try { + DefaultCallbacks.setCryptoServiceDefault({ + verify: async (jwt: string, key: any): Promise => { + const jwk: JWK = { ...key } + try { + console.error(`JWT: ${jwt}\nJWK: ${JSON.stringify(jwk)}`) + return !(await context.agent.jwtVerifyJwsSignature({ + jws: jwt, + jwk + })).error + } catch(e) { + console.error(`Error verifying the JWT: ${e.message}`) + return Promise.reject(e) + } + } + }) + DefaultCallbacks.setFetchServiceDefault(new DefaultFetchJSImpl()) + DefaultCallbacks.setTrustChainServiceDefault(new DefaultTrustChainJSImpl()) + this.oidfClient = new FederationClient() + } catch (error) { + throw Error(`Could not initialize the federation client: ${error.message}`) + } + } + } + + private async signJwt(args: CreateJwsCompactArgs, context: RequiredContext): Promise { + return await context.agent.jwtCreateJwsCompactSignature(args) + } + + private async verifyJwt(args: VerifyJwsArgs, context: RequiredContext): Promise { + return await context.agent.jwtVerifyJwsSignature(args) + } +} diff --git a/packages/oidf-client/src/index.ts b/packages/oidf-client/src/index.ts new file mode 100644 index 000000000..1b67ce28b --- /dev/null +++ b/packages/oidf-client/src/index.ts @@ -0,0 +1,13 @@ +import {Loggers} from '@sphereon/ssi-types' + +/** + * @public + */ +const schema = require('../plugin.schema.json') +export { schema } + +export const logger = Loggers.DEFAULT.get('sphereon:oidf-client') + +export { OIDFClient, oidfClientMethods } from './agent/OIDFClient' + +export * from './types/IOIDFClient' diff --git a/packages/oidf-client/src/types/IOIDFClient.ts b/packages/oidf-client/src/types/IOIDFClient.ts new file mode 100644 index 000000000..521d59f26 --- /dev/null +++ b/packages/oidf-client/src/types/IOIDFClient.ts @@ -0,0 +1,33 @@ +import {IAgentContext, IPluginMethodMap} from '@veramo/core'; +import { com } from '@sphereon/openid-federation-client'; +import ICryptoCallbackServiceJS = com.sphereon.oid.fed.client.crypto.ICryptoCallbackServiceJS; +import { + CreateJwsCompactArgs, + IJwsValidationResult, + IJwtService, + JwtCompactResult, + VerifyJwsArgs +} from '@sphereon/ssi-sdk-ext.jwt-service'; + +export interface IOIDFClient extends IPluginMethodMap { + resolveTrustChain(args: ResolveTrustChainArgs, context: RequiredContext): Promise + signJwt(args: CreateJwsCompactArgs, context: RequiredContext ): Promise + verifyJwt(args: VerifyJwsArgs, context: RequiredContext): Promise +} + +export type ResolveTrustChainArgs = { + entityIdentifier: string, + trustAnchors: Array +} + +export type OIDFClientArgs = { + cryptoServiceCallback?: CryptoServiceCallbackArgs +} + +export type CryptoServiceCallbackArgs = ICryptoCallbackServiceJS + +type Nullable = T | null | undefined + +export type ResolveTrustChainCallbackResult = Nullable> + +export type RequiredContext = IAgentContext diff --git a/packages/oidf-client/tsconfig.json b/packages/oidf-client/tsconfig.json new file mode 100644 index 000000000..d95c71b88 --- /dev/null +++ b/packages/oidf-client/tsconfig.json @@ -0,0 +1,17 @@ +{ + "extends": "../tsconfig-base.json", + "compilerOptions": { + "rootDir": "src", + "outDir": "dist", + "declarationDir": "dist", + "esModuleInterop": true + }, + "references": [ + { + "path": "../ssi-types" + }, + { + "path": "../agent-config" + } + ] +} diff --git a/packages/tsconfig.json b/packages/tsconfig.json index 12fc16a3f..a553bcad6 100644 --- a/packages/tsconfig.json +++ b/packages/tsconfig.json @@ -47,6 +47,7 @@ { "path": "sd-jwt" }, { "path": "ebsi-support" }, { "path": "public-key-hosting" }, - { "path": "resource-resolver" } + { "path": "resource-resolver" }, + { "path": "oidf-client" } ] } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index c1ae826d2..cc55bc8a0 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -1126,6 +1126,9 @@ importers: '@sphereon/ssi-sdk.mdl-mdoc': specifier: workspace:* version: link:../mdl-mdoc + '@sphereon/ssi-sdk.oidf-client': + specifier: workspace:* + version: link:../oidf-client '@sphereon/ssi-sdk.sd-jwt': specifier: workspace:* version: link:../sd-jwt @@ -1519,6 +1522,43 @@ importers: specifier: ^13.5.4 version: 13.5.5 + packages/oidf-client: + dependencies: + '@sphereon/openid-federation-client': + specifier: 0.1.0-unstable.d8421f6 + version: 0.1.0-unstable.d8421f6(encoding@0.1.13) + '@sphereon/openid-federation-common': + specifier: 0.1.0-unstable.d8421f6 + version: 0.1.0-unstable.d8421f6(encoding@0.1.13) + '@sphereon/openid-federation-open-api': + specifier: 0.1.0-unstable.d8421f6 + version: 0.1.0-unstable.d8421f6(encoding@0.1.13) + '@sphereon/ssi-sdk-ext.jwt-service': + specifier: 0.25.0 + version: 0.25.0(encoding@0.1.13)(pg@8.12.0)(sqlite3@5.1.7)(ts-node@10.9.2(@types/node@20.17.1)(typescript@5.6.3)) + '@sphereon/ssi-types': + specifier: workspace:* + version: link:../ssi-types + devDependencies: + '@sphereon/ssi-sdk.agent-config': + specifier: workspace:* + version: link:../agent-config + '@veramo/remote-client': + specifier: 4.2.0 + version: 4.2.0(encoding@0.1.13) + '@veramo/remote-server': + specifier: 4.2.0 + version: 4.2.0(encoding@0.1.13)(express@4.19.2) + cross-fetch: + specifier: ^3.1.8 + version: 3.1.8(encoding@0.1.13) + jose: + specifier: 5.9.4 + version: 5.9.4 + nock: + specifier: ^13.5.5 + version: 13.5.5 + packages/pd-manager: dependencies: '@sphereon/pex': @@ -5279,6 +5319,9 @@ packages: '@jridgewell/trace-mapping@0.3.9': resolution: {integrity: sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==} + '@js-joda/core@3.2.0': + resolution: {integrity: sha512-PMqgJ0sw5B7FKb2d5bWYIoxjri+QlW/Pys7+Rw82jSH0QN3rB05jZ/VrrsUdh1w4+i2kw9JOejXGq/KhDOX7Kg==} + '@js-joda/core@5.6.3': resolution: {integrity: sha512-T1rRxzdqkEXcou0ZprN1q9yDRlvzCPLqmlNt5IIsGBzoEVgLCCYrKEwc84+TvsXuAc95VAZwtWD2zVsKPY4bcA==} @@ -5987,6 +6030,15 @@ packages: awesome-qr: optional: true + '@sphereon/openid-federation-client@0.1.0-unstable.d8421f6': + resolution: {integrity: sha512-curfKYSn08zmMrOmRNhs+0ubtSMiX1blNjOpGsr7jrLg56RKgATHAuJQRPu0+28oIavrgjUqXEUnlJZi/mdjpw==} + + '@sphereon/openid-federation-common@0.1.0-unstable.d8421f6': + resolution: {integrity: sha512-ybCgk8iiRfHbyiANCrca577KL2b2JD+OLya56gpcetHXdJlW8eMlde/nkDa0fIwWUDl+lhp97NgFLuZ4tkGMfA==} + + '@sphereon/openid-federation-open-api@0.1.0-unstable.d8421f6': + resolution: {integrity: sha512-BoY0WKnxF/O2504Xw0HKA8C6bfPCnF1Nsj0/pMs6OZv+firszpqxlO5wIxbetEfJ449Q32GpUNrp76W3p5uvvw==} + '@sphereon/pex-models@2.3.1': resolution: {integrity: sha512-SByU4cJ0XYA6VZQ/L6lsSiRcFtBPHbFioCeQ4GP7/W/jQ+PSBD7uK2oTnKQ9/0iEiMK/6JYqhKgLs4a9UX3UTQ==} @@ -10014,8 +10066,8 @@ packages: jose@5.7.0: resolution: {integrity: sha512-3P9qfTYDVnNn642LCAqIKbTGb9a1TBxZ9ti5zEVEr48aDdflgRjhspWFb6WM4PzAfFbGMJYC4+803v8riCRAKw==} - jose@5.9.6: - resolution: {integrity: sha512-AMlnetc9+CV9asI19zHmrgS/WYsWUwCn2R7RzlbJWD7F9eWYUTGyBmU9o6PxngtLGOiDGPRu+Uc4fhKzbpteZQ==} + jose@5.9.4: + resolution: {integrity: sha512-WBBl6au1qg6OHj67yCffCgFR3BADJBXN8MdRvCgJDuMv3driV2nHr7jdGvaKX9IolosAsn+M0XRArqLXUhyJHQ==} js-base64@3.7.7: resolution: {integrity: sha512-7rCnleh0z2CkXhH67J8K1Ytz0b2Y+yxTPL+/KOJoa20hfnVQ/3/T6W/KflYI4bRHRagNeXeU2bkNGI3v1oS/lw==} @@ -13556,6 +13608,18 @@ packages: utf-8-validate: optional: true + ws@8.5.0: + resolution: {integrity: sha512-BWX0SWVgLPzYwF8lTzEy1egjhS4S4OEAHfsO8o65WOVsrnSRGaSiUaa9e0ggGlkMTtBlmOpEXiie9RUcBO86qg==} + engines: {node: '>=10.0.0'} + peerDependencies: + bufferutil: ^4.0.1 + utf-8-validate: ^5.0.2 + peerDependenciesMeta: + bufferutil: + optional: true + utf-8-validate: + optional: true + xcode@3.0.1: resolution: {integrity: sha512-kCz5k7J7XbJtjABOvkc5lJmkiDh8VhjVCGNiqdKCscmVpdVUpEAyXv1xmCLkQJ5dsHqx3IPO4XW+NTDhU/fatA==} engines: {node: '>=10.0.0'} @@ -15953,6 +16017,8 @@ snapshots: '@jridgewell/resolve-uri': 3.1.2 '@jridgewell/sourcemap-codec': 1.5.0 + '@js-joda/core@3.2.0': {} + '@js-joda/core@5.6.3': {} '@js-joda/timezone@2.3.0(@js-joda/core@5.6.3)': @@ -17394,6 +17460,42 @@ snapshots: - encoding - supports-color + '@sphereon/openid-federation-client@0.1.0-unstable.d8421f6(encoding@0.1.13)': + dependencies: + '@js-joda/core': 3.2.0 + abort-controller: 3.0.0 + format-util: 1.0.5 + jose: 5.9.4 + node-fetch: 2.7.0(encoding@0.1.13) + ws: 8.5.0 + transitivePeerDependencies: + - bufferutil + - encoding + - utf-8-validate + + '@sphereon/openid-federation-common@0.1.0-unstable.d8421f6(encoding@0.1.13)': + dependencies: + abort-controller: 3.0.0 + format-util: 1.0.5 + node-fetch: 2.7.0(encoding@0.1.13) + typescript: 5.6.3 + ws: 8.5.0 + transitivePeerDependencies: + - bufferutil + - encoding + - utf-8-validate + + '@sphereon/openid-federation-open-api@0.1.0-unstable.d8421f6(encoding@0.1.13)': + dependencies: + abort-controller: 3.0.0 + format-util: 1.0.5 + node-fetch: 2.7.0(encoding@0.1.13) + ws: 8.5.0 + transitivePeerDependencies: + - bufferutil + - encoding + - utf-8-validate + '@sphereon/pex-models@2.3.1': {} '@sphereon/pex@5.0.0-unstable.26': @@ -17624,7 +17726,7 @@ snapshots: '@veramo/core': 4.2.0(patch_hash=c5oempznsz4br5w3tcuk2i2mau) '@veramo/utils': 4.2.0(encoding@0.1.13) debug: 4.3.6 - jose: 5.9.6 + jose: 5.9.4 jwt-decode: 4.0.0 uint8arrays: 3.1.1 transitivePeerDependencies: @@ -23460,7 +23562,7 @@ snapshots: jose@5.7.0: {} - jose@5.9.6: {} + jose@5.9.4: {} js-base64@3.7.7: {} @@ -27543,6 +27645,8 @@ snapshots: ws@8.18.0: {} + ws@8.5.0: {} + xcode@3.0.1: dependencies: simple-plist: 1.3.1